|
Posted by Michael on 12/05/07 06:55
Chilly8 wrote:
> "Jerry Stuckle" <jstucklex@attglobal.net> wrote in message
> news:0v2dnWmDBPFamsvanZ2dnUVZ_j-dnZ2d@comcast.com...
>
>
>>> It appears that by simply blocking incoming traffic from the networks
>>> of three data centers around the world has stopped it. I have only see
>>> one "phony" registration all day, coming from China. Blocking all
>>> traffic from inHoster in Ukraine, Keymachine in Germany, and
>>> FDC servers in Chicago has pretty much stopped the porn bots.
>>>
>>>
>>>
>>>
>> For now. But how many legitimate users might you be blocking, also?
>>
>> Blocking an entire range of addresses is almost never the right answer.
>> Just the expedient one.
>
>
> I doubt I would be blocking any legitimate users, as those sites I mentioned
> are all server colocation facilities. It appears that somoene has
> compromised
> all the machines at least two of those server farms. It might be possible
> that
> some users, trying to use a proxy from work to acoid detection by the
> boss, might be affected by blocking FDC servers, since a couple of
> popular anonymity services use FDC for their server needs, but
> beyond that, I don't think many legitimate users will be affected, but
> there really is no other answer to the problem.
>
>
With your logic, why don't you block the entire internet... you know,
seeing a majority of spam comes from the internet and all.
Granted this is where your spam is coming from RIGHT NOW, it wont be in
a few weeks time. But thats okay, you will just block those IPs as well!
When you have thousands of blocked IP ranges, are you going to
periodically check them, to see if they have been re-allocated to some
poor ISP?
It is your site, but you should really consider other options.
- Michael
[Back to original message]
|