Dude, it's not always safe to assume that by using unknown proxies it will totally beat any security mechanisms advertising systems like adsense use. Some will rely on a list to filter (and ban) people defrauding the system with proxies, but others will actually port scan the IP addresses that are accessing these pages, and use a whole other bunch of stats to find people who cheat the system.Originally Posted by Hacxx
For example:
A while back, I signed up to an affiliate website that gives you ***** for getting people to visit your affiliate link. The owner actually encouraged spam (he has google ads on his page; google ads + more visitors == $$$), unlike most websites that are forced by advertisers to enforce a 'no frauding' system. To be honest, google couldn't give a fuck if one of their advertisers get screwed by a hacker (they possibly earn MORE *****), but they follow the rules, and be fair to both advertiser and web******.
Anyway, I saw that the admin was a TOTAL DUMBASS, so I knew it would be easy to get past his 'filtering system' (if you can even call it that), and I took a look at a few things on his site. I realised that the site uses no sort of proxy checking, and only blocks duplicate IP numbers for 24 hours. So I got a good proxy list, used switchproxy to rotate proxies every *0 seconds, and wrote a program to simulate the 'F5' key (re*****) being pressed every *0 seconds. With all that set up, I left it running and got around *000 hits in something like * hours - equivalent to $*0-60 once you exchange it from his site. Long story short, I could have quite easily got $*000s from scamming a vulnerable site like that, but it closed down, and the guy seemed to disappear once everyone was due to be paid. If I had gone further, I would have done a little more than the half-assed combination of firefox plugin + small program, but it was just an experiment.
^^^^^ Legally, I did not just admit to that, and it was a fictional description of what *could* happen.
So my point is, don't always assume that advertising systems can be beaten with proxies, but also remember that with smaller sites, any script kiddie can beat the system with only the skills to install a firefox plugin, and write a small custom program to automate things. With larger sites, they will rely on proxy lists to detect fraud (and maybe will port scan the IP numbers), smaller sites will rarely have any sufficient protection, apart from some bullshit disclaimer that tells you "Proxies are BANNED". In any case, an unknown proxy list will beat all but the most hardcore protection; but it's best to do things like this to smaller sites.
I think this is a big problem for referral sites, and am probably going to write some sort of paper/tutorial on it for my site when I get time.
And btw, can I take a look at that proxy list?
Reply With Quote