ACKNOWLEDGEMENT

First of all, we thank the almighty for his blessings and showing us the right direction.
With His mercy, it has been made possible for us to reach so far. It gives us great pleasure to express
our gratitude towards the guidance and help we have received from our honorable Project Guide
Mr. N. R. Khaire. We are thankful for his continual support, encouragement, and invaluable
suggestion. He not only provided us the help whenever needed, but also the resources required to
complete this thesis report on time. We are also thankful to Mr. Sameer Devane, Head of
Department for his kind help and cooperation. Also we would like to thank our honorable Principal
Dr. S.D. Sawarkar for being our inspiration and supporting us to undertake this project. We express
our gratitude to all the Staff Members of IT Department for providing us all the facilities required
for the completion of our thesis work. We would like to say thanks to all our friends especially for
their support. We want to express our appreciation to every group member who contributed with either
inspirational or actual work to this thesis. Last but not the least we are highly grateful to all our family
members for their inspiration and ever encouraging moral support, which enables us to pursue our
studies.

1
 ABSTRACT

Security of computing machines and networks are increasing in importance as more

and more business is conducted via these systems. Despite decades of research and experience, we are
still unable to make secure computer systems or even manufacture ways to measure a computer
system’s level of security. The automation of exploit scripts and massive global scanning for
vulnerabilities enable adversaries to compromise computer systems shortly after vulnerabilities
become known. One way we can strengthen our defenses against these scans and exploit scripts is to
learn from our adversaries by deploying and monitoring computer systems on a network that we
expect to be broken into. These machines or systems we manufacture to be broken into are called
Honeyware-website analysis/tracking tool.

Modern attacks are being made against client side applications, such as web browsers,
which most users use to surf and communicate on the internet. Client honeypots visit and interact with
suspect web sites in order to detect and collect information about malware to protect users from
malicious websites or to allow security professionals to investigate malicious content.

This paper will present the idea of using web-based technology and integrating it with
a client honeypot by building a low interaction client honeypot tool called Honeyware. It describes the
benefits of Honeyware as well as the challenges of a low interaction client honeypot and provides
some ideas for how these challenges could be overcome. Additionally, in our paper, reviews of the
two major concerns for deployment are covered: website analysis and report generation. This
honeyware tool offers original research on the exact nature of the internet’s threat environment, as
well as some fascinating insights into potential motives and strategies of computer intruders.
 1. PROJECT INTRODUCTION

This project introduces network security, about Honeyware Tool & its modules.
Internet is a global public network. With the growth of the Internet and its potential, there has been
subsequent change in business model of organizations across the world. More and more people are
getting connected to the Internet every day to take advantage of the new business model popularly
known as e-Business. Internet work connectivity has therefore become very critical aspect of today's
e-business. There are two sides of business on the Internet. On one side, the Internet brings in
tremendous potential to business in terms of reaching the end users. At the same time it also brings in
lot of risk to the business. There are both harmless and harmful users on the Internet. Malicious users
or hackers can get access to an organization’s internal systems in various ways. These are:
· Software bugs called vulnerabilities.
· SQL Injection Attacks.
· Cross Side Scripting Attacks (XSS).

Therefore, there needs to be some kind of security to the organization’s private resources from the
Internet as well as from inside users, as survey says that eighty percent of the attacks happen from
inside users for the very fact that they know the systems much more than an outsider knows and access
to information is easier for an insider. Different organizations across the world deploy firewalls to
protect their private network from the Public network. But when it comes to securing a Private
network from the Internet using firewalls, no network can be hundred percent secured. This is
because; the business requires some kind of access to be granted on the internal systems to Internet
users. The firewall provides security by allowing only specific services through it. The firewall
implements a policy for allowing or disallowing connections based on organizational security policy
and business needs. The firewall also protects the organization from malicious attack from the Internet
by dropping connections from unknown sources. But the firewall does not analyze the attacks like
SQL Injections, Cross Side Scripting (XSS) and many more. Therefore, we designed a tool called
Honeyware Tool which is a low interaction client of honeypot with the help of which we can
detect/analyze these kinds of attacks which firewall does not analyze. Additionally, firewall is a
desktop based application whereas our Honeyware tool is a Web-Based application in which scripting
is done is our Web-Application/Website itself through which security is tighten to a particular web site
as well as to a particular web server.
 PROBLEM DEFINITION

Nowadays, security system is very important to any organization to protect their data
or any information kept in their computer from the intruders to access. Unauthorized user is able to
Connect to the organization’s computers and control it in some form to view or access the files. Many
of us know how to use the computer but do not have enough information to secure the computer
especially for the system administrators. Using malicious sites to launch attacks against client user
applications is a growing threat in recent years. This led to emergence of new technologies to counter
and detect this type of client-side attacks.

What is Honeyware Tool?

A Honeyware Tool is “an information system resource whose value lies in unauthorized or illicit use
of that resource”. A Honeyware tool is defined as “being a security resource whose value lies in being
probed or compromised". Our Honeyware Tool is hosts based, but is more often than not network
based as all interaction is typically performed over a network connection. A Honeyware tool’s main
utility comes from the fact that it simplifies the Intrusion Detection problem of separating
“anomalous" from “normal" by having no legitimate purpose, thus any activity on a Honeyware tool
can be immediately defined as anomalous. The characteristics of Honeyware tool make them well
suited to the monitoring of malicious activity on networks, as well as tracking attacks like SQL
Injection, XSS etc. also by generating a graph and report and maintaining the same in the database
collectively.

The end results of the system is the attacker is blocked and the log file is maintained on the daily
session basis also by generating chart and graphs (Report Generation).

OBJECTIVE

 Track Users IP Address.

11
 Study and analyse malicious code.

 Detect more malicious requests by using a honeyware analysis tool.

 Generation and Validation of Honey tokens.

 Browser Detection

 Tracking of attacks like SQL Injections, XSS etc.

 Generation of Charts and Graphs.

 Maintaining Log Files on the daily basis.

PROPOSED PLANNING

Our S yst em’s Applicat ion will be developed in t hree differ ent phases.

Phase-1

Development of Web pages

Developing the Scripting Patterns for

Tracking.
 Development of Database on SQL
SERVER 2008

Phase-2

Integrating Web pages with Database

Making User Interface

Phase-3

Linking and Integration of the Modules

Fig11. PROPOSED SYSTEM PHASES

3. SCOPE OF PROJECT

The ultimate scope of Honeyware Analysis Tool is to detect and identify any malicious
activity coming from the Internet. This ideal case of Honeyware Analysis Tool can be summarized as
follows:

 To study and understand the working of Honeyware Tool.

 To design and implement the Honeyware Tool (Scripting Patterns) on our website which is on
any open source Operating system along with generation and validation of tokens.
 To deploy and test the working of Honeyware Analysis Tool to track the attackers/users.
 Honeyware Analysis Tool should detect the attacks in real-time by maintaining logs of the
same.
 Honeyware Analysis Tool should also detect browsers of users as well as their IP address.
 Honeyware Analysis Tool should detect any known and unknown threats against any client
user application. Application can be any server/client based application. Honeyware Analysis
Tool should be able to check various URLs (images, executable files, html, scripts, etc). Ideal
Honeyware Analysis Tool has rated zero false positive.
 Honeyware Analysis Tool should also detect attacks like SQL Injection, Cross Side Scripting
(XSS) etc.
 Honeyware Analysis Tool should lastly maintain the logs of the same on the daily session basis
as well as maintain the charts and graphs (Report Generation).
 4. REVIEW OF LITERATURE

This Project discusses the state of the art & research issues of network security,
Honeyware Analysis Tool (Website Analysis Tool). With the explosion of the public Internet and
E-commerce, private computers, and computer networks, if not adequately secured, are increasingly
vulnerable to damaging attacks. Hackers, viruses, vindictive employees and even human error all
represent clear and present dangers to networks. And all computer users, from the most casual Internet
surfers to large enterprises, could be affected by network security breaches. However, security
breaches can often be easily prevented. How? This guide provides you with a general overview of the
most common network security threats and the steps you and your organization can take to analyze
Yourselves from threats and ensure that the data traveling across your networks is safe.

Pikoulas J, Mannion M, Buchanan W in the titled “Software Agents and Computer Network
Security” stated that security enhancement software system using software agents, in which a core
software agent resides on one server in a Windows NT network system and user end software agents
reside in each user workstation. The user agent at the client workstation takes all decisions and actions
about invalid user behavior. This means that even when the core agent process is no longer operating
security breaches at the client workstation can still be detected and an appropriate course of action
taken. In the recent years, new trends in the adversary techniques have risen. This led to growth of
new technologies and tools to supplement the existing security defends such as firewalls and intrusion
detection systems (IDS). One of these technologies is Honeyware Tool-Low Interaction Client
Honeypot. Honeypots are a relatively new technology that is becoming increasingly popular, and will
become even more so as commercial solutions become available that are easy to use and administer
because they can be used to collect the information on attackers and other threats also.
 3. PROPOSED SYSTEM AND DESIGN

The ent ir e pro ject was spanned for t he durat io n of 9 mo nt hs. In o rder to design
and develop a cost -effect ive model t he Waterf all Model was pract iced.

Fig4. WATERFALL MODEL

 We developed our project on the basis of waterfall model or we can say as per the
flow of waterfall model. The System is designed as per the following phase of the waterfall model. It
is depicted in the below information.

We have designed started our project from the first step that is Requirement Analysis and Gathering in
which what kind of modules are required for building up this model is looked over. What are the
requirements of the system is glanced over once. Following requirements gathering, the Design of the
System is done based on our frontend i.e. C#.NET as well as on our backend SQL SERVER 2005.
Depending on various types of scripting and patterns the code is been followed and thereafter the
System is prepared in such a way that all the modules decided for our system would be implemented.
The demonstration of the whole System is looked over once. Whether the Implementation is going
properly or not is seen and what modifications are required are been traced.

Following that Testing of the implemented system is done to check whether the implemented
system/project is working perfectly or not or it is working as per decided norms. The Deployment of
the system is done after the testing phase is completed. And lastly as all phase comes to an end the last
phase remains is nothing but Maintenance, as maintain the system or designed project is important so
that it can work in proper way for a long period of time.

13
3.1 DATA FLOW DIAGRAM (DFD)

A data flow diagram (DFD) is a graphical representation of the "flow" of data

through an information system, modeling its process aspects. Often they are a preliminary step used to
create an overview of the system which can later be elaborated. DFDs can also be used for the
visualization of data processing (structured design). A DFD shows what kinds of information will be
input to and output from the system, where the data will come from and go to, and where the data will
be stored. It does not show information about the timing of processes, or information about whether
processes will operate in sequence or in parallel (which is shown on a flowchart).

LEVEL 0:-

The Level 0 DFD shows how the system is divided into sub-systems (processes), each of which deals
with one or more of the data flows to or from an external agent, and which together provide all of the
functionality of the system as a whole. It also identifies internal data stores that must be present in
order for the system to do its job, and shows the flow of data between the various parts of the system.

Fig5. DFD LEVEL 0

14
LEVEL 1:-

The next stage is to create the Level 1 Data Flow Diagram. This highlights the main functions carried
out by the system. As a rule, we try to describe the system using between two and seven functions -
two being a simple system and seven being a complicated system.

Fig6. DFD LEVEL 1

15
LEVEL 2:-

There can be one level 2 DFD for each process of the Level 1 DFD. Level 2 shows a process broken
down into greater detail. Level 2 Diagrams are only necessary where the Level 1 process is more
complex, and where the particular process is relevant to the analysis.

Fig7. DFD LEVEL 2

16
3.2 FLOWCHART

A Flowchart is a type of diagram that represents an algorithm or process, showing the steps as boxes
of various kinds, and their order by connecting these with arrows. This diagrammatic representation
can give a step-by-step solution to a given problem. Process operations are represented in these boxes,
and arrows connecting them represent flow of control.

A
17
A

Fig8. FLOWCHART

18
3.3 E-R DIAGRAM

In software engineering, an Entity – Relationship model (ER model for short) is an abstract way to
describe a database. It usually starts with a relational database, which stores data in tables. Some of the
data in these tables point to data in other tables - for instance, your entry in the database could point to
several entries for each of the phone numbers that are yours. The ER model would say that you are an
entity, and each phone number is an entity, and the relationship between you and the phone numbers is
'has a phone number'. Diagrams created to design these entities and relationships are called Entity–
Relationship diagrams or ER diagrams.

Fig9. E-R DIAGRAM

19
5.4 UML DIAGRAM

Use-Case:-

For our System, the best UML diagram is but obviously USE CASE
DIAGRAM. Use case model for our application is being depicted in the following figure.

Fig10. USE CASE DIAGRAM

 CODING

USER ACTIVITY

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.DataVisualization.Charting;

public partial class h_admin_useractivity : System.Web.UI.Page

{
string[] chartTypes = { "Column", "Line", "BoxPlot", "Bar", "Point", "FastLine",
"FastPoint", "Spline", "StackedArea" };
protected void Page_Load(object sender, EventArgs e)
{
if (!Page.IsPostBack)
{
ddlChartTypr.DataSource = chartTypes;
ddlChartTypr.DataBind();
GetTypeCookie();
}
}

protected void ddlChartTypr_SelectedIndexChanged(object sender, EventArgs e)

{
SetChartType(Chart_Pages.Series[0], ddlChartTypr.Text);
SetChartType(Chart_All.Series[0], ddlChartTypr.Text);
SetTypeCookie(ddlChartTypr.Text);
}

protected void SetChartType(Series chartSeries, string type)

{
switch (type)
{
case "Bar":
chartSeries.ChartType = SeriesChartType.Bar;
break;
case "Line":
chartSeries.ChartType = SeriesChartType.Line;
break;
case "BoxPlot":
chartSeries.ChartType = SeriesChartType.BoxPlot;
break;
case "Column":
chartSeries.ChartType = SeriesChartType.Column;
break;
case "Point":
chartSeries.ChartType = SeriesChartType.Point;
break;
case "CandlestickErrorBar":
chartSeries.ChartType = SeriesChartType.Candlestick;
break;
case "ErrorBar":
 chartSeries.ChartType = SeriesChartType.ErrorBar;
break;
case "FastLine":
chartSeries.ChartType = SeriesChartType.FastLine;
break;
case "FastPoint":
chartSeries.ChartType = SeriesChartType.FastPoint;
break;
case "Funnel":
chartSeries.ChartType = SeriesChartType.Funnel;
break;
case "Kagi":
chartSeries.ChartType = SeriesChartType.Kagi;
break;
case "PointAndFigure":
chartSeries.ChartType = SeriesChartType.PointAndFigure;
break;
case "Polar":
chartSeries.ChartType = SeriesChartType.Polar;
break;
case "Radar":
chartSeries.ChartType = SeriesChartType.Radar;
break;
case "Spline":
chartSeries.ChartType = SeriesChartType.Spline;
break;
case "StackedArea":
chartSeries.ChartType = SeriesChartType.StackedArea;
break;
case "StackedBar":
chartSeries.ChartType = SeriesChartType.StackedBar;
break;
case "StepLine":
chartSeries.ChartType = SeriesChartType.StepLine;
break;
case "Stock":
chartSeries.ChartType = SeriesChartType.Stock;
break;
case "ThreeLineBreak":
chartSeries.ChartType = SeriesChartType.ThreeLineBreak;
break;
default:
chartSeries.ChartType = SeriesChartType.Column;
break;
}
}

protected void SetTypeCookie(string type)

{
HttpCookie tCookie = new HttpCookie("ACTIVITY");
tCookie["CHART_TYPE"] = type;
Response.Cookies.Add(tCookie);
}

protected void GetTypeCookie()

{
HttpCookie tCookie = Request.Cookies["ACTIVITY"];
if (tCookie != null)
 {
string chart_type = tCookie["CHART_TYPE"];
if (chart_type != "" && ddlChartTypr.Items.FindByValue(chart_type) != null)
{
ddlChartTypr.Text = chart_type;
SetChartType(Chart_Pages.Series[0], ddlChartTypr.Text);
SetChartType(Chart_All.Series[0], ddlChartTypr.Text);
}
}
}

protected void Chart_Pages_Customize(object sender, EventArgs e)

{
if (Chart_Pages.Series[0].ChartType != SeriesChartType.Point)
{
foreach (Series series in Chart_Pages.Series)
{
foreach (DataPoint point in series.Points)
{
if (point.YValues.Length > 0 && (double)point.YValues.GetValue(0) ==
0)
{
point.LegendText = point.AxisLabel;
point.AxisLabel = string.Empty;
point.Label = string.Empty;
}
}
}
}
}

protected void Chart_All_Customize(object sender, EventArgs e)

{
if (Chart_All.Series[0].ChartType != SeriesChartType.Point)
{
foreach (Series series in Chart_All.Series)
{
foreach (DataPoint point in series.Points)
{
if (point.YValues.Length > 0 && (double)point.YValues.GetValue(0) ==
0)
{
point.LegendText = point.AxisLabel;
point.AxisLabel = string.Empty;
point.Label = string.Empty;
}
}
}
}
}
}
 ACTIVITY HISTORY

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.DataVisualization.Charting;
using System.Data.SqlClient;
using System.Configuration;
using System.Data;

public partial class h_admin_activityhistory : System.Web.UI.Page

{
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
pnlPageHits.Visible = false;
pnlAllHits.Visible = false;
pnlNoRecord.Visible = true;
}
}

protected void btnGo_Click(object sender, EventArgs e)

{
DateTime dtTest;
if (txtDate.Text.Trim() == "")
{
pnlPageHits.Visible = false;
pnlAllHits.Visible = false;
pnlNoRecord.Visible = true;
}
else if (DateTime.TryParse(txtDate.Text.Trim(), out dtTest))
{
litPage.Text = string.Format("USER HITS FOR {0} (PAGES)",
dtTest.ToString("dd-MMM-yyyy"));
litAll.Text = string.Format("USER HITS FOR {0} (ALL RESOURCES)",
dtTest.ToString("dd-MMM-yyyy"));
setUserHits(dtTest);
pnlPageHits.Visible = true;
pnlAllHits.Visible = true;
pnlNoRecord.Visible = false;
}
else
{
pnlPageHits.Visible = false;
pnlAllHits.Visible = false;
pnlNoRecord.Visible = true;
}
}

public void setUserHits(DateTime date)

{
DataTable dTablePage = new DataTable();
DataTable dTableAll = new DataTable();
 SqlConnection con = new
SqlConnection(ConfigurationManager.ConnectionStrings["honeypots.app.con"].ConnectionStrin
g);

SqlCommand cmd = new SqlCommand("GET_USER_ACTIVITY", con);

cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("@PARA", SqlDbType.VarChar).Value = "D";
cmd.Parameters.Add("@RESOURCE_TYPE", SqlDbType.VarChar).Value = "PAGE";
cmd.Parameters.Add("@DT", SqlDbType.SmallDateTime).Value = date;
SqlDataAdapter ad = new SqlDataAdapter(cmd);
ad.Fill(dTablePage);
Chart_Pages.DataSource = dTablePage;
Chart_Pages.DataBind();

cmd = new SqlCommand("GET_USER_ACTIVITY", con);

cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("@PARA", SqlDbType.VarChar).Value = "D";
cmd.Parameters.Add("@RESOURCE_TYPE", SqlDbType.VarChar).Value = "ALL";
cmd.Parameters.Add("@DT", SqlDbType.SmallDateTime).Value = date;
ad = new SqlDataAdapter(cmd);
ad.Fill(dTableAll);
Chart_All.DataSource = dTableAll;
Chart_All.DataBind();
}

protected void Chart_Pages_Customize(object sender, EventArgs e)

{
if (Chart_Pages.Series[0].ChartType != SeriesChartType.Point)
{
foreach (Series series in Chart_Pages.Series)
{
foreach (DataPoint point in series.Points)
{
if (point.YValues.Length > 0 && (double)point.YValues.GetValue(0) ==
0)
{
point.LegendText = point.AxisLabel;
point.AxisLabel = string.Empty;
point.Label = string.Empty;
}
}
}
}
}

protected void Chart_All_Customize(object sender, EventArgs e)

{
if (Chart_All.Series[0].ChartType != SeriesChartType.Point)
{
foreach (Series series in Chart_All.Series)
{
foreach (DataPoint point in series.Points)
{
if (point.YValues.Length > 0 && (double)point.YValues.GetValue(0) ==
0)
{
point.LegendText = point.AxisLabel;
point.AxisLabel = string.Empty;
 point.Label = string.Empty;
}
}
}
}
}
}
 Performance detail

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;

public partial class h_admin_performancedetails : System.Web.UI.Page

{
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
pnlPagePerformance.Visible = false;
pnlNoRecord.Visible = true;

if (Request.QueryString["page"] != null && Request.QueryString["page"] != "")

{
litPage.Text = Request.QueryString["page"];
hdnPage.Value = Request.QueryString["page"];
}
else
{
Response.Redirect("~/h-admin/performance.aspx");
}
}
}

protected void btnGo_Click(object sender, EventArgs e)

{
DateTime dtFromTest, dtToTest;
if (hdnPage.Value == "")
{
Response.Redirect("~/h-admin/performance.aspx");
}
else if (txtDateFrom.Text.Trim() == "" || txtDateTo.Text.Trim() == "")
{
pnlPagePerformance.Visible = false;
pnlNoRecord.Visible = true;
}
else if (DateTime.TryParse(txtDateFrom.Text.Trim(), out dtFromTest) &&
DateTime.TryParse(txtDateTo.Text.Trim(), out dtToTest))
{
//litPage.Text = string.Format("USER HITS FOR {0} (PAGES)",
dtTest.ToString("dd-MMM-yyyy"));
setPagePerformance(dtFromTest, dtToTest, hdnPage.Value);
pnlPagePerformance.Visible = true;
pnlNoRecord.Visible = false;
}
else
{
pnlPagePerformance.Visible = false;
 pnlNoRecord.Visible = true;
}
}

public void setPagePerformance(DateTime from, DateTime to, string page)

{
DataTable dTablePageList = new DataTable();
SqlConnection con = new
SqlConnection(ConfigurationManager.ConnectionStrings["honeypots.app.con"].ConnectionStrin
g);

SqlCommand cmd = new SqlCommand("GET_PAGE_PERFORMANCE", con);

cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("@PARA", SqlDbType.VarChar).Value = "PER";
cmd.Parameters.Add("@LIMIT_FROM_DATE", SqlDbType.Date).Value = from;
cmd.Parameters.Add("@LIMIT_FROM_TO", SqlDbType.Date).Value = to;
cmd.Parameters.Add("@PAGE", SqlDbType.VarChar).Value = page;
SqlDataAdapter ad = new SqlDataAdapter(cmd);
ad.Fill(dTablePageList);
rptPagePerformance.DataSource = dTablePageList;
rptPagePerformance.DataBind();
}
}
 User Log Modul

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;

namespace honeypots
{
public class UserLogModule : IHttpModule
{
UserLogger objUserLogger;
public UserLogModule()
{

public void Dispose()

{

public void Init(HttpApplication context)

{
context.BeginRequest += new EventHandler(context_BeginRequest);
context.EndRequest += new EventHandler(context_EndRequest);
context.PostAcquireRequestState += new
EventHandler(context_PostAcquireRequestState);
context.Error += new EventHandler(context_Error);
}

void context_BeginRequest(object sender, EventArgs e)

{
try
{
HttpApplication context = ((HttpApplication)sender);
objUserLogger = new UserLogger();
objUserLogger.StartUserLog(context.Context);
}
catch (Exception ex)
{
objUserLogger.SubmitErrorLog(ex);
HandleResponseOnError();
}
}

void context_PostAcquireRequestState(object sender, EventArgs e)

{
try
{
HttpApplication context = ((HttpApplication)sender);
if (objUserLogger != null)
{
objUserLogger.SetUserLogState(context.Context);
}
}
catch (Exception ex)
 {
objUserLogger.SubmitErrorLog(ex);
HandleResponseOnError();
}
}

void context_EndRequest(object sender, EventArgs e)

{
try
{
HttpApplication context = ((HttpApplication)sender);
if (objUserLogger != null)
{
objUserLogger.EndUserLog(context.Context);
objUserLogger.SubmitUserLog(context.Context);
}
}
catch (Exception ex)
{
objUserLogger.SubmitErrorLog(ex);
HandleResponseOnError();
}
}

void context_Error(object sender, EventArgs e)

{
try
{
HttpApplication context = ((HttpApplication)sender);
if (objUserLogger != null)
{
objUserLogger.SubmitErrorLog(context.Context.Server.GetLastError());
HandleResponseOnError();
}
}
catch (Exception ex)
{
objUserLogger.SubmitErrorLog(ex);
HandleResponseOnError();
}
}

void HandleResponseOnError()
{
// CHECK IF CUSTOM ERROR IS NOT ENABLED IN WEBSITE
if (!HttpContext.Current.IsCustomErrorEnabled)
{
HttpContext.Current.Response.Clear();
HttpContext.Current.Response.ContentType = "text/html";

HttpContext.Current.Response.Write("<html><head><title>Error</title></head><body>");
HttpContext.Current.Response.Write("<div><h2>Error occured in application
!!!</h2><br /><u>handled by honeypots error handler</u></div>");
HttpContext.Current.Response.Write("</body></html>");
HttpContext.Current.Response.End();
}
}
}}