Quote:
Originally posted by punkworld
Oh, really?
If a hitbot spoofs all user variables and uses a good randomizer, you lose many methods of detection.
If it spoofs user behaviour, you lose many more (times between clicks, invisible links, prod, etc).
If it uses (fully) anonymous proxies that you don't know, you lose the last ones.
Only way to detect really good hitbots (that spoof everything, accept cookies, parse javascript and execute java), is to know the proxies they are using.
The info available about a visitor is pretty limited, and if it is all faked and there are no suspicious patterns in behaviour, you have no way to detect the hitbot.
Ofcourse, you can just create a huge list of all proxies in the world, and then cross-reference that to your traffic's IPs. That would work, if you managed to get the proxies those hitbots are using... however, it would be a helluva lot of work to gather all those proxies.
|
people have already done that work for you.
There are other things you can do.
You can't simulate 10,000 real visitors if the person is looking at real logs.
You might not be able to PROVE it is a hitbotter, but you can prove that the traffic from XYZ sucks.