|
|
Posted by Chilly8 on 12/06/07 13:42
"Michael" <michael_j@pythontech.net.au> wrote in message
news:475759e0$0$18454$c3e8da3@news.astraweb.com...
> Chilly8 wrote:
>> "Jerry Stuckle" <jstucklex@attglobal.net> wrote in message
>> news:Ze6dnUvZ38qZgMvanZ2dnUVZ_uninZ2d@comcast.com...
>>> Chilly8 wrote:
>>>> "Jerry Stuckle" <jstucklex@attglobal.net> wrote in message
>>>> news:0v2dnWmDBPFamsvanZ2dnUVZ_j-dnZ2d@comcast.com...
>>>>
>>>>
>>>>>> It appears that by simply blocking incoming traffic from the networks
>>>>>> of three data centers around the world has stopped it. I have only
>>>>>> see
>>>>>> one "phony" registration all day, coming from China. Blocking all
>>>>>> traffic from inHoster in Ukraine, Keymachine in Germany, and
>>>>>> FDC servers in Chicago has pretty much stopped the porn bots.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>> For now. But how many legitimate users might you be blocking, also?
>>>>>
>>>>> Blocking an entire range of addresses is almost never the right
>>>>> answer. Just the expedient one.
>>>>
>>>> I doubt I would be blocking any legitimate users, as those sites I
>>>> mentioned
>>>> are all server colocation facilities. It appears that somoene has
>>>> compromised
>>>> all the machines at least two of those server farms. It might be
>>>> possible that
>>>> some users, trying to use a proxy from work to acoid detection by the
>>>> boss, might be affected by blocking FDC servers, since a couple of
>>>> popular anonymity services use FDC for their server needs, but
>>>> beyond that, I don't think many legitimate users will be affected, but
>>>> there really is no other answer to the problem.
>>>>
>>>>
>>>>
>>> There are lots of other answers to the problem. Some have been listed
>>> right here. And none of them involve blocking a whole range of IP
>>> addresses.
>>
>> Well, these are all just server farms, where people place web servers, so
>> the only humans using the machines, other than people browsing the web
>> sites, would be the individual web site admins, so other than maybe
>> somoene trying to use a Web proxy from work to hide what they are
>> doing from the boss, I don't think I would be impacting that many users.
>>
>> Like I said, blocking all traffic from those three data centers has cut
>> the problem of people posting porn links down to almost nothing. I
>> get maybe a handful a day, but not the dozens a day I was getting.
>> I don't think I will see anymore from folks like SuperXXXPorn
>> or BestinWeb. I got them stopped dead in their tracks.
>>
>> If you are running any servers hosted at the datacenters of Inhoster,
>> Keymachine, or FDC servers, you better check and see that
>> your servers have not been compromised by these people that
>> are doing this. 99.9 percent of the traffic that was posting porn
>> links were coming from compromised machines at these data
>> centers. And there is no POSSIBLE way I could have
>> discovered this without using a main page translated to HTML
>> and having all the traffic logged with StatCounter.
>>
>>
>>
>
> Apache logs much?
>
> There are plenty of good utilities to view these logs: analog, awstats and
> webalizer just to name a few.
Ah, but with StatCounter, I get much more detailed information. I can find
out what
search engines they linked on, what keywords were used, I also get
information on
what browser, operating system, and even what screen resolution was used.
None
of the products you mentioned can do that.
Navigation:
[Reply to this message]
|