Sins of The Internet: PagejackingWritten by Richard Lowe
One of most frustrating events you can experience as a webmaster or writer is finding your work has been copied without your permission. I'm sure that just about every writer and every webmaster has been horrified to find his own work somewhere else under a different person's name. The thankfully few times it has happened to me I felt a mixture of blind fury and complete hate.
Sometimes thieves don't stop there. They don't steal a web page or two and claim it as their own (this is merely a copyright violation and a completely unethical thing to do). No, what they do is steal a web page and claim it is YOURS, but with modifications. In other words, they create a web page which is exactly like yours, with some changes to do something undesirable.
Once they have added your page to a different site and made their changes, they submit it to search engines, advertise it in ezines and do all of other standard promotional techniques. They may also register similar domain names to try and fool people into going to their illegal site. Their purpose is to steal your traffic, directing it instead to their own web site (copies of your pages).
Why do they do this? Well, let's say you have a page which is attracting a heck of a lot of visitors. You are making quite a bit of money from affiliate links on that page. An unethical person might make a copy of that page on their own web site, and replace all of your affiliate links with his. Anyone clicking on those links would be generating money for pagejacker, not you.
Another common thing done by pagejackers is to add dozens or even hundreds of links to pornographic sites, many of which pop up automatically. Each time one of these links is displayed pagejacker gets paid a small amount, so more popups they display more money they make.
HoneypotsWritten by Richard Lowe
A honeypot is a special computer system set up for specific purpose of attracting hackers. Generally, these servers will be placed inside a firewall (although they might be outside) and contain specific, known vulnerabilities which allow hackers to gain access. Once inside, a good honeypot contains an immense amount of seemingly attractive targets and information to attempt to cause hacker to spend time on system. While hacker is spending this time, he is being carefully observed and traced.
There are several reasons for creating honeypots.
- They are often simply a way to get hackers to expend time and energy on non-production systems. Because it appears to hacker that he's on a "real" system, there's a good likelihood that he may just stop looking around rest of network. In other words he's already got what he came for.
- A honeypot is a great way to test security. Let's say you produced a new security product and you want to see if it's solid. You could set up a honeypot behind this product, "leak" it's existence to some hackers. Now sit back and see if they get through your defenses.
- Another reason for a honeypot is to attempt to get a hacker to stay long enough so that you can identify him.
- As hacker works his way through honeypot system, he will leave traces and his movements will be tracked. This can all be saved for use in criminal trials at a later date.
In my experience, a honeypot is an extremely useful part of security management. What I've seen others do is simple. Recycle some older computers, not really useful for production anymore, and install some "cool" applications and documents. Add some reasonable security with a few known holes, and make sure system makes itself known on network.