Lunacy Unleashed

Notes from the field in the War on Spam

Cyveillance Bad Behavior

“Online risks are becoming more complex and pervasive by the day,” says the home page of the Cyveillance web site.

Indeed, one of the risks is that your Web site might be targeted by Cyveillance.

The company says that it crawls the Internet looking for phishing scams, identity theft, illegal credit card numbers, trademark and copyright infringement, and more. It’s also been known to work on behalf of the government to spy on whistleblowers who expose waste, fraud and abuse. Some have even alleged that Cyveillance bots attempt to illegally hack into Web servers.

Cyveillance uses robots which crawl your Web site pretending to be a legitimate Web browser and completely ignoring your robots.txt file. Then it tries to figure out whether you’ve downloaded any illegal music, or said something bad about some company. It then sends you threatening letters ordering you to take your site down, even when you haven’t done anything wrong.

Bad Behavior doesn’t just block spammers. It’s meant to target any bot which overloads a Web site, attempts to hack in, delivers spam, acts in an unethical manner, etc.

By relying on analyzing the HTTP requests themselves, rather than simply the IP address, Bad Behavior has blocked Cyveillance almost from the very first release last year, regardless of what IP address range they move to in order to hide their connections. An audit of six months worth of logs shows that Bad Behavior was able to successfully identify and block Cyveillance bots even when they used previously unknown IP address ranges.

December 15, 2006 - Posted by | Bad Behavior, Cyveillance

Sorry, the comment form is closed at this time.

%d bloggers like this: