Google Hack honeypot
I’ve found The Google Hack honeypot thanks to an entry at sans.org in the handlers diary. I’ve looked at it and it’s an interesting idea. The honeypot installs on your website and is invisibly linked to from another page. This way it gets spidered as if it was a real site. Then, it logs hack attempts against itself by monitoring and logging search referrers and ip addresses of those trying to use it.
It’s an interesting idea. I kind of wonder if you won’t be attracting unwanted attention by using it, but if enough sites had false content that would turn up in a search for something to hack, it would make the hackers job tougher. So, ultimately it might be worthwhile. Plust it might be an eye opener as to who is actually looking to exploit your site.