Some pagejackers may go so far as to pretend to sell merchandise, but never actually deliver anything. In this case, they are simply stealing credit card information, which they then resell to thieves at a substantial price.

What can a webmaster do to reduce chances of this happening? It's difficult, but one thing to do is keep an eye on your server logs. If you see sudden changes in traffic patterns it's a good idea to investigate and find out why. You can also search on your own keywords and make sure that nothing strange pops up in search results. If you do find pages which have been stolen from you, you can be sure that you will have a difficult time getting them removed. You will need to find out who is hosting site, who domain is registered with and so on, and submit complaints. Whether or not these are acted upon depends upon where site is hosted and what pagejacker is doing.

How do surfers get around this problem? Be sure URL of site is URL that you expect. It's better to bookmark your favorite sites than to surf to them via search engines, as you can have more confidence that a site is real if it appears in one of your own bookmarks. Typing in domain name yourself is another good way to be sure you've got right site. These tips are especially true if you are going to spend money on site. Perhaps most important of all, always use a credit card, and check statements carefully for unexpected charges.

If you've got time and money, I've found it's best to set up honeypot in it's own DMZ. A DMZ is a way to protect a network. You set up one firewall, then your web servers, then another firewall to protect your application servers. You do this because web servers need more exposure to internet than your application servers. Also, application servers are much more expensive and critical and thus deserve more protection.

So what you do with honeypots is set up a third DMZ and add one or more honeypot systems to them. Thus, you might put a firewall, a honeypot, another firewall, your web servers, another firewall and then your application servers. You can also just leave honeypots right on internet if you want, although that tends to make them too easy of a target.

And then you just let them sit there and attract hackers. Oh yes, you have to be sure to keep extensive records of everything that happens on these systems, just in case you need it later.

To see a list of article available for reprint, you can send an email to: mailto:article-list@internet-tips.net?subject=send_article_list or visit http://internet-tips.net/requestarticles.htm