Web Crawling

[adam84]

I just wanted to know that if my script is crawling along someones site, will they be able to track what I am doing or will they even know that I am there?

Thanks

[Maq]

I just wanted to know that if my script is crawling along someones site, will they be able to track what I am doing or will they even know that I am there?

Thanks

 

Of course they can, you're connecting to their server.

[zq29]

Yes, you'll leave a nice set of footprints through their log files.

[jxrd]

If 'Ctrl + v' and 'Ctrl + c' didnt exist, I don't think I would ever program...

 

That doesn't sounds like good programming...you should create functions to prevent repetive code.

 

...yeah.

[.josh]

You cannot hide that you were there (unless you managed to gain a level of access to the server to remove stuff...), but you can, to a degree, obfuscate or altogether remove some of the breadcrumbs that lead back to you. 

[jxrd]

How would you do that, may I ask?

 

I've researched IP spoofing, but it can't really be done except with one way protocols.

 

HTTP is apparently stupidly difficult, having to bypass the SYN-SYN/ACK-ACK 3-way handshake, as well as the sequences randomly generated by the server.

 

I'm not too knowledgeable on the subject....but I do know that it's pretty hard (if not, impossible) to spoof your IP address for web browsing...

[.josh]

I do not condone doing things like that and so consequently, will not share what little knowledge I have gained about that sort of thing.

[jxrd]

Lol k...I'll take that as an "idk".

[.josh]

Okay let me put it another way, phpfreaks does not condone doing things like that, so if illegal how-to specifics start getting discussed here, this thread will be deleted.

[jxrd]

I don't believe spoofing your IP address is illegal.

[.josh]

illegal/immoral/unethical/black-hat/insert whatever you want to here, you know what I'm talking about, so let's skip the semantics.

[Daniel0]

I don't believe spoofing your IP address is illegal.

 

Sure about that? I'm not a lawyer, but I'm pretty sure you're not allowed to pretend being someone you're not (impersonation).

[jxrd]

Immoral methods such as hacking must be considered when designing a PHP application.

 

Often the best way to protect against something is to learn how it's done.

 

So, does that mean you consider this website illegal/immoral/unethical/black-hat?

 

Would you consider this thread immoral?

 

I don't mean to be rude, and if I am I apologise. But you're the one who suggested it anyways...

 

Sure about that? I'm not a lawyer, but I'm pretty sure you're not allowed to pretend being someone you're not (impersonation).

And yeah, I'm pretty sure. If I was knowingly using someone elses IP address and pretending to be them, then it may well be illegal.

 

But nowhere in any computer misuse act does it state you can't use a certain IP adress.

[Daniel0]

No law says I'm not allowed to pick out your eyes with a pencil either. That doesn't mean I'm allowed to do it.

[.josh]

Immoral methods such as hacking must be considered when designing a PHP application.

 

This is true, and we are not opposed to "how do I protect myself against..." threads.  However, that isn't what you're asking here, now is it.

[jxrd]

No law says I'm not allowed to pick out your eyes with a pencil either. That doesn't mean I'm allowed to do it.

 

If you truly believe IP spoofing is illegal, find a law that prohibits it and I'll admit that I'm wrong.

 

Immoral methods such as hacking must be considered when designing a PHP application.

 

This is true, and we are not opposed to "how do I protect myself against..." threads.  However, that isn't what you're asking here, now is it.

And no, but you suggested it, and I enquired how you would implement it. Tbh, there's not much point in suggesting something if you have no intention of explaining how to do it.

 

Tbh, I can probably spoof an IP as well as you can (which is...probably not very well). I was just enquiring how you would do so yourself, considering this is a place of education, or at least, that's how I think of it.

 

If I wanted to acually spoof my IP address, I'd just google it. You withholding your own methods isn't actually going to stop anyone intent on spoofing their IP address...there's plenty of information out there.

 

I don't want to get into an argument about this, I just don't really see where you're coming from.

[.josh]

Just because I know how to take a hit from a bong without coughing up a lung, and just because they can readily find out from somewhere else, doesn't mean I should teach my kids how to do it.  Get it?

[adam84]

so... is creating a web crawling immoral....?

[Maq]

If you truly believe IP spoofing is illegal, find a law that prohibits it and I'll admit that I'm wrong.

 

I don't believe it is either, but the fact remains that this is usually used for illegal intent.

 

And no, but you suggested it, and I enquired how you would implement it. Tbh, there's not much point in suggesting something if you have no intention of explaining how to do it.

 

He explained that multiple times already...

 

If I wanted to acually spoof my IP address, I'd just google it. You withholding your own methods isn't actually going to stop anyone intent on spoofing their IP address...there's plenty of information out there.

 

Ok, so what do you keep crying about?

 

I don't want to get into an argument about this, I just don't really see where you're coming from.

 

Because trying to bypass security protocols and IP spoofing usually results in something illegal (if not already).

[Maq]

so... is creating a web crawling immoral....?

 

That's a relative term, it could actually be illegal depending on what exactly you're doing.

[.josh]

It also depends on depends on your definition of moral, now doesn't it? 

[Daniel0]

No law says I'm not allowed to pick out your eyes with a pencil either. That doesn't mean I'm allowed to do it.

 

If you truly believe IP spoofing is illegal, find a law that prohibits it and I'll admit that I'm wrong.

 

I believe it is illegal to assume a false identity. So, if you use IP spoofing to make it look like someone or something you're not, yes, I do believe it is unlawful.

 

Every single scenario doesn't have to be explicitly stated in a law for something to be illegal. You're for instance not allowed to pick out someone's eye out with a pencil, even though no law explicitly prohibits it. It's covered by more general laws prohibiting you from harming other people.

[forgas]

Jxrd is right, IP Spoofing in itself is not illegal.  I studied the legality of this for a friend and there is grounds under the data protection act (1998) to spoof your IP (thus far there has not been a precedent though). It's not said specifically that IP spoofing is fine but as your...example... with the pencil proved that doesn't matter as such.

 

Internet related laws are a little hazy but you shouldn't be violating the 2006 Fraud act as far as I can tell provided you don't assume the persons identity.

 

 

[.josh]

I'm closing this thread before it gets flooded by any more jackpf & co.