What is Tarpit?
Tarpitting is the practice of slowing the transmission of e-mail messages sent in bulk, as a means of thwarting spammers.
Tarpitting can also be used to thwart robotic connections to web servers. With a tarpitting utility, any request containing a line that matches an extended regular expression is tarpitted: it connects to nowhere, the connection is kept open for a pre-defined time, and the client then receives an HTTP 500 error, so that the attacker does not suspect the request has been tarpitted.
When protecting HTTP web servers, the goal of tarpitting is to slow down robots that attack web servers with identifiable requests. Many robots limit their number of outgoing connections and stay connected while waiting for a reply, which can take several minutes to come. Depending on the environment and the attack, tarpitting may be particularly effective at reducing the load on the network and firewalls.
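The match, hold, then 500 behaviour described above, sketched as a small asyncio server. This is an added example, not code from any particular tarpitting utility; the patterns, the 20-second hold time and all function names are assumptions chosen for illustration.

```python
import asyncio
import re

# Constructed patterns (assumptions): request lines that identify a robot.
TARPIT_PATTERNS = [
    re.compile(rb"^(GET|POST) /(wp-login\.php|xmlrpc\.php)\b"),
    re.compile(rb"^User-Agent:.*\b(masscan|zgrab)\b", re.IGNORECASE),
]
TARPIT_SECONDS = 20.0  # the pre-defined hold time (assumed value)

ERROR_500 = (b"HTTP/1.1 500 Internal Server Error\r\n"
             b"Content-Length: 0\r\nConnection: close\r\n\r\n")
OK_200 = (b"HTTP/1.1 200 OK\r\n"
          b"Content-Length: 3\r\nConnection: close\r\n\r\nok\n")


def should_tarpit(head: bytes) -> bool:
    """True if any single line of the request head matches a pattern."""
    return any(p.search(line)
               for line in head.split(b"\r\n")
               for p in TARPIT_PATTERNS)


async def build_response(head: bytes, hold: float = TARPIT_SECONDS) -> bytes:
    """Matching requests go nowhere: wait out the hold time, then answer 500."""
    if should_tarpit(head):
        await asyncio.sleep(hold)  # connection stays open, nothing is sent
        return ERROR_500
    return OK_200  # stand-in for normal request handling


async def handle(reader, writer):
    try:
        head = await asyncio.wait_for(reader.readuntil(b"\r\n\r\n"), timeout=10)
        writer.write(await build_response(head))
        await writer.drain()
    except (asyncio.TimeoutError, asyncio.IncompleteReadError,
            asyncio.LimitOverrunError, ConnectionError):
        pass  # client went away or never sent a complete request head
    finally:
        writer.close()


async def main(host="127.0.0.1", port=8080):
    server = await asyncio.start_server(handle, host, port)
    async with server:
        await server.serve_forever()

if __name__ == "__main__":
    asyncio.run(main())
```

Each held connection still occupies a socket and a task on the defending side, so a deployment needs a cap on the number of concurrently tarpitted connections.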