Trap Analysis 101

April 11, 2013 Mark Malek

Portal Trap Analysis Screenshot

Recently, Distil Networks released a new report, Trap Analysis and Statistics, in the Distil Admin Portal, which gives a more detailed overview of bot traps and the IP addresses triggering them. There are a number of traps in place for detecting malicious bots including User Agent checks, browser integrity checks, rate limiting, and many others. When a malicious bot attempts to access a site protected by Distil Networks, it triggers a trap. The bot’s request is then blocked, monitored or shown a CAPTCHA page to verify it’s a human visitor. The action taken can be configured within the Content Protection Settings page in the Distil Admin Portal.  

The Trap Analysis and Statistics report displays a list of triggered traps and the number of violations for each. The IP address is captured for each violation allowing a more granular level of control into how the content is accessed. Traps are sorted by the number of violations in descending order with an accompanying bar chart for a quick visual overview into which traps are most frequently triggered.

Selecting a trap in the report will display a list of the IP addresses and the number of violations per IP. If a particular IP address is showing a high number of violations, selecting it will display the WHOIS information, which allows better insight into the bots origin.

IP addresses can be individually blacklisted or whitelisted. All requests from a blacklisted IP address will be blocked until the IP address is removed from the blacklist. Whitelisted IP addresses will never be blocked despite the traps it triggers. This can be especially useful to allow internal tools access, such as automation test tools, that can be mistaken as malicious bots.

Distil Networks releases product updates and enhancements frequently and they will periodically be featured on the blog. Be sure to subscribe to receive the latest posts in your inbox.

About the Author

Mark Malek

Mark Malek has a passion for all things front end. As VP of Engineering at Distil, his responsibilities include the design and development of all customer facing applications such as the Distil Portal. Previously Mark was a front end engineer at 6fusion and iContact.

Follow on Twitter More Content by Mark Malek
Previous Article
Blocking an IP Doesn’t Really Block a Bot
Blocking an IP Doesn’t Really Block a Bot

We talk with customers a lot about bot security, detection & IP address blockers. For every IP you block, t...

Next Article
As a Large Enterprise, Should You Trust Cloud Security Providers?
As a Large Enterprise, Should You Trust Cloud Security Providers?

Not being aware of a security gap is almost always the reason those gaps are eventually exploited. Because ...