I will start this post with a brief recap for new visitors or for those that have not been following my phpBB2 honey pot experiment. Several months ago (August) I set up an unprotected phpBB2 board. By “unprotected” I mean I did not install any MODs to keep spammers from registering or posting on the board. I did make a few code changes:
- Log IP address on registration
- Added “nofollow” to all links
- Created a cron (scheduled) job to move all posts into a hidden forum every ten minutes
Other than those changes, the board was completely unmodified. Note that the changes made were either to capture more information (IP address on registration) or protect my domain. I posted some statistics after about a month of activity and they weren’t pretty. I posted a few bits of information about patterns that I observed in the registration data a bit later.
Where am I going next? I am going to compare the IP addresses used to register with the IP addresses used to post. There are some interesting patterns that I can share, plus I will get to talk about zombies for a bit. That’s always fun.