They play a major role in terms of search engines, monitoring websites, collecting search information and scanning for vulnerabilities. Almost half of all activity on the Internet is from bots. But, unfortunately not all bots are made with good intentions. It’s estimated that 65 percent of all bot traffic is actually used for malicious purposes.
DDoS (distributed denial-of-service) attacks are the most common when it comes to the malicious use of bots. These malicious bots are not always easy to identify. Quite often, webmasters are not even aware that these kinds of bots are scanning through their website. So how would you know, and what should you look for?
– It only takes a few minutes for a bot to crawl through thousands of pages searching for security flaws. So, if you notice an unnaturally high amount of activity coming from one IP address, chances are it’s a malicious bot. Legitimate bots, like Google’s, can easily be identified in your logs by their relevant name, such as “Googlebot”.
– In terms of visits and crawl frequency, bots are very strict. If you notice obvious repetitive patterns in your logs, chances are it’s not from a legitimate bot.
– Returning visitors that carrying no cookie information are probably not actual visitors. Bots will not leave cookie tracking.
More information on Internet bots can be found at: http://blog.ezanga.com/blog/good-bots-bad-bots-and-what-you-need-to-know