Malware Domain List
Malware Related => Compromised Servers => Topic started by: adminguy on May 18, 2009, 04:31:49 pm
-
I recently launched two websites and I am finding that on viewing the stats for the site I am getting adult/dating sites in the list of referring sites? What is going on, should I be concerned and how can I avoid this?
I have been placing these sites in an IP deny list but expect there will be others.
-
Have you looked at any of the referers to see if they actually reference your site?
-
Looked at a couple and did not find any reference to my sites.
-
In that case, chances are the referers are faked, and the "visitors" are bots (without seeing the logs, it's a little difficult to do anything more than speculate).
-
You may be right about the bots since they register as just hits without pages. Is there any cause for concern?
-
At this point, I'd just monitor their activity. If you notice their behaviour beginning to lean toward SQL injection attempts etc, then you'll need to start recording their activity and ensure (I'd recommend doing this anyway) your code is not susceptable to injection or exploit.
-
Thanks Steven, I will keep an eye on this. Currently have no database applications running so I might be OK re Injection Attack.
If these are bots, why are they showing up as undesirable type sites? If I was going to camouflage a bot I would disguise it as something benign. What is the bot up to? Harvesting email addresses?
I have also checked all my site links and they all go to the correct URL.
-
Likely scraping or harvesting.
Alas bots and their creators aren't known for their logic, so I've not got an answer as to their faking the referer.