Saturday, March 29, 2008

IE6 - Fake Traffic or Surrogate Traffic

This is a prediction which I cannot exactly prove yet, but I am guessing something like this might be going on - and perhaps this is old news because I don't know every security vulnerability that exists for IE6.

My guess is that much of your traffic coming to your web server from IE6 may in fact not be traffic from the person who owns that computer or server. I am guessing that much of the IE6 traffic you see in your logs is a third party who has hijacked that machine, browser, or maybe a session or whatever to hide their true identity while sniffing around for security problems, hijacking your web site content, or possibly blocking search engines from getting to your site to hurt your rankings...not sure but there's something really weird about all the IE6 traffic on my server.

And even more odd is that when this traffic is blocked with a request to upgrade the browser, the user of that machine doesn't upgrade. I find it hard to believe that with all the security hype and fear of stolen identity and access to bank accounts that these users refuse to upgrade their browser. I think maybe these are old machines sitting around that have a browser on them that isn't even used, perhaps, and some hacker has gotten onto it and uses it to hide the true source of the traffic.