Security

Certifications

RSS

Last web search to here

whois msftncsi.com
google xsx mouse cursors
antennae search .com
xsx alpha blended cursors
no add legacy on device manager
xsx alpha blended cursors
xsx alpha blended cursors
xsx alpha blended cursors
xsx alpha blended cursors

Monday, August 13. 2007

Hey zombie DDOS bot networks - comments.php is not a good target

For some reason, there seems to be a band of zombie compromised systems out on the internet that keep trying to exploit an old s9y (the blogging software used here) bug that has been patched/fixed for years. I realize there can be really old copies of s9y around, but this isn't one of them.

So, if the site seems slow, it is probably due to all the bogus requests coming into comment.php. I've been doing some .htaccess magic to punt 99% of them off the server, but of course, they always add more and different IPs into the mix as time goes on.

I don't like disabling comments and I don't like enabling CAPTCHAs, and so far, my efforts have blocked 99.99% of the trackback and comment spam without the need of other measures. I would say one comment every other month slips by the automated system and gets flagged as a 'needs moderation' comment.

Considering that this site seems to get numerous comment spams per second, that is a pretty good track record.

Posted by Aaron Tiensivu in Other OS info, Personal, Security at 12:53 | Comments (0) | Trackbacks (0)

(Page 1 of 1, totaling 1 entries)