Definition
Tarpitting is a method of slowing down and frustrating the operations of bots, spammers, or other malicious entities by obstructing their communications. This makes the environment less productive for the attackers and gives the defenders more time to take action.
How Tarpitting Works
- Connection delays: This tarpitting technique introduces delays in establishing network connections with potential attackers. For instance, when the attacker tries to connect to the server, the server intentionally delays the handshake process, adding a significant delay to connection setup. This frustrates the attacker’s efforts and discourages further attempts.
- Response delays: This tarpitting technique intentionally delays the response time to the attacker’s request. If an attacker sends a request, the system deliberately slows down the response, lengthening the overall interaction time.
- Captchas and challenges: Another tarpitting method is introducing captchas or other challenges that require the user to perform additional actions before their requests are processed. This introduces delays as the attacker has to spend time solving the challenges to proceed with their malicious intentions.
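The response-delay technique above, sketched as an added example that is not part of the original page: a per-client policy whose delay doubles with each recent failed request beyond a free allowance, up to a cap. The class name, thresholds and client address are assumptions chosen for illustration.

```python
import asyncio
from collections import defaultdict, deque


class ResponseTarpit:
    """Per-client response delay that grows with recent failed requests (hypothetical helper)."""

    def __init__(self, free_failures=3, base_delay=0.5, max_delay=30.0, window=300.0):
        self.free_failures = free_failures  # failures tolerated with no delay
        self.base_delay = base_delay        # seconds for the first penalised failure
        self.max_delay = max_delay          # cap so a handler is never held indefinitely
        self.window = window                # seconds a failure keeps counting
        # Bounded history per client so the state table cannot be bloated.
        self._failures = defaultdict(lambda: deque(maxlen=256))

    def record_failure(self, client, now):
        self._failures[client].append(now)

    def _recent_count(self, client, now):
        q = self._failures[client]
        while q and now - q[0] > self.window:
            q.popleft()                     # forget failures older than the window
        if not q:
            del self._failures[client]      # drop idle clients entirely
        return len(q)

    def delay_for(self, client, now):
        """Seconds to wait before answering this client's next request."""
        excess = self._recent_count(client, now) - self.free_failures
        if excess <= 0:
            return 0.0
        exponent = min(excess - 1, 32)      # bound the exponent before doubling
        return min(self.max_delay, self.base_delay * 2 ** exponent)

    async def respond(self, client, now, handler):
        """Sleep without blocking other clients, then run the real handler."""
        await asyncio.sleep(self.delay_for(client, now))
        return await handler()


if __name__ == "__main__":
    tarpit = ResponseTarpit()
    for second in range(8):  # constructed sample: one client failing once per second
        tarpit.record_failure("198.51.100.7", float(second))
        print(second, tarpit.delay_for("198.51.100.7", float(second)))
```

The delay is awaited with `asyncio.sleep`, so a slowed client occupies a coroutine rather than a worker thread, and the cap and bounded history limit how much of the defender's own capacity the tarpit consumes.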
Advantages of Tarpitting
- Delaying attackers: Tarpitting techniques slow down attackers’ actions and allow defenders to detect and respond to attacks promptly.
- Increased attack visibility: Tarpitting introduces delays in the communication process, giving defenders better visibility into the tactics, tools, and techniques the attacker employs.