Dear Webmasters,
We understand that there is a serious problem
with so called "proxy-bots" that are used to
cheat all sorts of traffic trading scripts.

We are currently developing a custom software
that will effectively eliminate this problem. The script will work with universally all existing traffic trading scripts.

Danube Technologies is a custom software development company based in Seattle, Wa.
We recently worked with Goto.com in diagnosing their "proxy-bot" problem, and we would like to ask the general traffic trading community whether you all would be interested in a proxy-bot cheater prevention software.

Having read a lot of your posts here, I see that each day many of you are losing lots of money because of cheaters. I imagine that these cheaters threaten the whole CJ industry in general.

The pricing has not yet been worked out.

For those that do not already know about proxy bots: A proxy bot is a piece of software, usually written in a highly web-capable programming language, that can make HTTP connections to web sites, store and present cookies, etc., through an anonymous proxy server. Using this technique, they are able to generate false hits through affiliate programs, toplists, or other traffic trading
system.s

Our question to you is whether there is truly a need or demand for such a software. We
would appreciate as many responses and posts as possible. Thank you all for your time.

Sincerely,

Danube Technologies, Inc.

Can you have this software work with sponsor click through software? We use our own proprietary click through software for our blind link program, but my programmer couldn't think of a good solution for stopping proxy hit bots.

So I weed out the proxy bots by hand, but it's a major pain.

There is truly a need for such software, there are lots of cheater right now abusing the scripts. Such software would be usefull, I'm looking forward to hear more about you plans.

Candidpublishinginc: Yes, this software would work with any sort of affiliate or traffic trading program.

NickD: Thanks for the input. Please discuss this with other webmasters out there, too. Before we develop this, we would like to hear input as to features and desired functionality. We have the knowledge and capability to make this work, and best of all, it will fit into your existing scripts.

I think it would be a VERY good idea with such a script.
But I asume you need access to the source code or parts of the source code for the scripts it should work on since it should be implemented into the script?
If that is the case you should probably contact the script writters and work something out since none of us has access to the source code of the script we use for trading

Nothing against you DanubeTech guys, but we developed a very advanced "hitbot" for testing our own software and also tested it on various other sites, including GoTo.com.
We of course cancelled the account after testing, but did not reveal how it was done.

I'm just curious.. if I was to release this code to the general public, would you be able to stop it? According to your post, it would almost seem like you "fixed" GoTo's cheating problems. If that's the case, how come our first test of GoTo.Com last week was a success?

If you are willing to continously upgrade and develop on the software, a lot of webmasters would be interested, I'm sure.

Just reminding you that there are some things that could be very hard to even detect and am mostly asking.. would you be willing to spend an extended amount of time, updating the software and researching eventual "cheating techniques"?

Good luck with your company. Seems like a good idea. http://bbs.adultwebmasterinfo.com/ubb/biggrin.gif

Jonathan,

In my original post I said that we helped diagnose Goto.com's proxy bot problem. They then insisted to handle it internally, for now. They thought that their own techs could fix it, and asked to give it a try first. So we are wishing them the best of luck. http://bbs.adultwebmasterinfo.com/ubb/smile.gif

I think it would be dangerous to release your hitbot to the public. Too many people would take advantage, instead of learn from it.

We too have developed a very sophisticated proxy bot to aid our research efforts.
There would really be no other way to test
our development. And yes, we would continually upgrade and correct the software.
I appreciate your concern regarding Goto.com, but there is little more we can do if they are resistant to a fix. Of course, their situation is much more complicated than the average webmaster's (being that they have partners like Av.com, lycos, etc.).

Anyone have ideas on what features would be desireable?

Due: We are considering a design where the bulk of the code would reside on OUR servers, and it is called "server-side" by our clients. That way, everyone can keep their existing scripts and just plug our cheat protection in. We will probably provide 2 or 3 options for calling the script. Once you use our system, you could also brag to your trading partners that you are sending clean traffic, not a bunch of proxy-bot crap. In this scheme, we would probably charge a monthly usage fee based on the amount of traffic you get. This would make it more affordable for smaller players with less money, and of course more expensive for you big guys out there because of the extra server strain on our end.

Jonathan: I forgot to mention in my last post, but we would like it if you could test the script once it is up and running. Would that be possible?

One thing, if you host the bulk of the code. Then your servers better be rock solid. Cause if your service goes down, and my script can't trade because of that. I'll dump the service right off.

Ron: Of course. We would add new servers
as the strain increases. It all depends on the interest we get, but if we can afford to do it, we would get redundant servers load-balanced all over the country. The calls to our server would be minimal in nature, but you are correct, we would need very robust systems.

Further, we are also weary of the possibility that there would be retaliation from these cheaters. As a software development firm, we have a lot of very bright Master's degree and Ph.D. engineers on staff to armor our systems, but we need to consider the ramifications of constant bombardment before committing to this idea.
Yahoo and Ebay face the same problems, and they've over come them. So we are hoping to do the same. This is a major part of the development, and we will not go live until we have an acceptable degree of confidence.
Very good question!

DanubeTech>
Not sure if I understand you correctly.
But does your software kill all proxy traffic comming to the site?
If that is the case you are probably right that it will elimate cheaters on that site since the site will die a slow death because lots of real traffic would not be counted so I would not be able to return traffic that is being send to me.
Therefor cheaters will automaticly dissapear since they move along with the traffic

Due: No, it would not kill all proxy hits going to your site because you would lose tons of legit traffic too that way (for example, most if not all AOL traffic goes through a cache proxy). Rather, it will signal you via email or in the admin section that a particular traffic trader is very suspicious. I don't want to get into too many details as to the particular functionality for security reasons, but rest assured that the system would work very well.

Ron: to further address your concern, the call to our server would be extremely small per request. And if for some reason the call to our server failed, it would not affect the functioning of your script at all. Trades would continue as normal.

Thanks for all of the feedback, guys. We really appreciate this input in helping us make a good decision.

Can anyone suggest any features or functionalities that may not be obvious to an outsider?

Would the call be done from the actual PHP/cgi trading script or will it fork the request to a locally installed C daemon for batch processing or something? (if a web call is done from the trading script loads on the webserver will rise due to the inherent net lag, not to mention the stress on the servers TCP subsystem... linux 2.4 kernel would be a must)

T&T: Although I appreciate the very technical question, I don't think it would be wise to discuss the system specifics. We want to keep the system as private as possible for security reasons.

But in a broad stroke, we would need to make available several different means to make the call because not everyone has their own server (or access to config files).

OK, I understand the need for secrecy...
My 2 cents though would be that yes, I would consider buying such a software, although you would have a hard time convincing me to run it remotely hosted - I would want local copys and some kind of easy-update system for when you guys find new open proxys etc. I guess pricing is an issue too, in my case I already have dealed with proxys that are open but still pass "forwarded for" variables (which is like 10 lines of php code to deal with them), but if the price is right I'd love to kill of some anon-proxies http://bbs.adultwebmasterinfo.com/ubb/smile.gif

T&T: Here is the issue: we anticipate constant updating and revamps of the core code, at least at first. So it would be a nightmare to reinstall everything on everyone's system. Second, if we sell the software out-right, then a cheater could easily simply buy one and take it apart... and that is the biggest problem.

We would consider creating stand-alone systems for very big clients, however, who may require detailed control over their operations (like Goto.com, etc.).

Also, remember if you kill or deny access for anon or x-forwarded IPs altogether, you are cutting out a lot of legit traffic too. So the idea would be somewhat different, but still just as effective.

Also, the more people that hold the bulk of the code means there is more of a chance that the cheaters can get the prevention software and write a bot around it.

After thinking through this whole thing, it would be a good thing to have it remotly hosted. Or a portion of the critical parts of the script.

But to answer your question, hell yes i would be willing to pay for this type of service. Much cheaper than paying a programmer to write a custom patch!

Ron: yes, you are exactly correct! That is the primary concern for us. If we install a full system on everyone's server, it may expose the code to a cheater posing as a legitimate traffic trader.

Also, not everyone's server will be capable of hosting the application. It would raise the price for everyone because we would be required to first install the supporting platforms and architecture.

Remember, this application will be great for CJ traders, but it will also work with TGP traders, top lists, and click through programs of any kind.

I really appreciate everyone's comments. You all have a pleasure to communicate with. For now, we have decided to undertake the development. I will post here as to the progress, but it is too early to give an estimated completion time. If anyone else has any more to add, please feel free to continue posting.

Sincerely,

The Danube Technologies Team