Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Someone's hacking my hit tracker

Status
Not open for further replies.
Guest_imported

Guest_imported

New member
Jan 1, 1970
0
I had the Netscape Hitometer tracker on my web page and have very good reason to believe that someone (I think I know who) has been falsifying my hit tracker data. I know he's not actually hitting my web page since I took this tracker off a day and a half ago but it's still showing hits at the same rate.I also put on a second tracker three days ago which has continued to show only my normal volume average of 10 or so hits a day, not the 100-plus Hitometer has been showing even after I removed it.

The Hitometer uses this HTML insert:
<!-- BEGIN HITOMETER TAG VERSION 2 -->
<script language=&quot;JavaScript1.1&quot;><!--
d=document;c='<img WIDTH=1 HEIGHT=1 border=0 '+
'src=&quot;if(parseFloat(navigator.appVersion)>=4){x='x';s=screen;
c+=s.width+x+s.height+x+s.pixelDepth+x+s.colorDepth;}
d.writeln(c+'$'+d.referrer+'&quot;>'); // -->
</script><noscript><img WIDTH=1 HEIGHT=1 border=0
src=&quot;alt=&quot;Hitometer&quot;></noscript>
<!-- END HITOMETER TAG ( ) -->

I believe he's shooting the false data straight to Netscape using this Javascript. I'm just wondering if & how this could be done? It shows referring hosts & referral pages from my suspect's domains but all the other info (domains visiting, unique visitors, browsers, screen resolutions) is random, including occasional search engine results which don't relate whatsoever to my website (and I'm not even listed on any search engines). Any ideas? I'd love to prove how this is happening! Thanks for any help.
 
Sort by date Sort by votes
jesstine,

> I'm just wondering if & how this could be done?

Well yes it can be done easily and in any number of ways.

> I believe he's shooting the false data straight to Netscape using this Javascript

He's not likely using the javascript for anything more than a API reference. I could use a telnet client to send bogus information to that CGI program using your sites identity. A4252527$3980536$

Hit tracking can easily be tampered with using things like robots or spiders etc. The one you are using is just very simple to spoof.

> I'd love to prove how this is happening!

Not without some serious cracking or the help of Netscape.

&quot;But, that's just my opinion... I could be wrong&quot;.
-pete
 
Upvote 0 Downvote
It seems to me that your code was probably cut and pasted into another website and you are tracking their hits in addition to your own.
Sincerely,

Tom Anderson
CEO, Order amid Chaos, Inc.
 
Upvote 0 Downvote
jesstine -

I would agree with tanderso. while there is still a chance that palbano's theory is correct, there are a whole lot less people in the world that would pourpously falsify your hit counter records (besides, why would you want to increase someones hits? if anything, I would think that someone would want to decrease your hits).

Continuing along with tanderso, a web design newbie may have seen your counter, and just swiped the code. Then, if this newbie has other newbie friends, (which they usually do) he might have just given them the code.

My best advice is to just stick with the new counter.

theEclipse
eclipse_web@hotmail.com
robacarp.webjump.com
**-Trying to build a documentation of a Javascript DOM, crossbrowser, of course. E-mail me if you know of any little known events and/or methods, etc.
 
Upvote 0 Downvote
Actually all the referring pages/hosts are from this person's domains, which are on his own servers and do not allow Hitometer to work -- someone who maintains one of the pages attempted to use Hitometer and it didn't show any hits. There are no links to outside sites on the pages which are shown as referrals to my page. So I don't think the HTML was copied onto someone else's page, although that would be a nice explanation. Unfortunately, I do have good reason to believe that the person who has the domains all the bogus hits are referring from *would* falsify my hit data just to prove that he can.

So my new question is, if he is using a telnet program to send bogus data, would it show the referring hosts/pages as his own, or wouldn't he be able to falsify that as well? And, would Netscape be able to track where the false input is coming from if he is doing it that way?

Thanks all!!
 
Upvote 0 Downvote
> or wouldn't he be able to falsify that as well?

Absolutly, any data can be placed in there.

> would Netscape be able to track where the false input is coming from if
> he is doing it that way?

Yes they can, they will have access to every IP address that connects to the counter (CGI) program. Now if he is going through a firewall or some other proxy/router that hides his machine's IP then that is as close as Netscape will get you.

Good luck
-pete
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

JScannell
  • Locked
  • Question
Google Chrome doesn't load my javascript files
Replies
1
Views
394
JScannell
JScannell
HansMaulwurf
  • Locked
  • Question
AJAX not working after database migration from MySQL to SQL Server ( Undefined index)
Replies
0
Views
123
HansMaulwurf
HansMaulwurf
mrgulic
  • Locked
  • Question
Why doesn't my jQuery extension work? (TypeError: validStatus.arrayContains is not a function) 1
Replies
2
Views
149
mrgulic
mrgulic
LyndonOHRC
  • Locked
  • Question
Single quote is breaking my onclick action 1
Replies
4
Views
174
LyndonOHRC
LyndonOHRC
1DMF
  • Locked
  • Question
why is my callback executing immediately?
Replies
2
Views
61
1DMF
1DMF

Part and Inventory Search

Sponsor

Back
Top