Security

Certifications

RSS

Last web search to here

fepclient msi uninstall
what is the cbs log
kb982867
kernelex
cbs logs what is
xsx alpha blended cursors
xsx alpha blended cursors
xsx alpha blended cursors
xsx alpha blended cursors

Monday, August 13. 2007

Hey zombie DDOS bot networks - comments.php is not a good target

For some reason, there seems to be a band of zombie compromised systems out on the internet that keep trying to exploit an old s9y (the blogging software used here) bug that has been patched/fixed for years. I realize there can be really old copies of s9y around, but this isn't one of them.

So, if the site seems slow, it is probably due to all the bogus requests coming into comment.php. I've been doing some .htaccess magic to punt 99% of them off the server, but of course, they always add more and different IPs into the mix as time goes on.

I don't like disabling comments and I don't like enabling CAPTCHAs, and so far, my efforts have blocked 99.99% of the trackback and comment spam without the need of other measures. I would say one comment every other month slips by the automated system and gets flagged as a 'needs moderation' comment.

Considering that this site seems to get numerous comment spams per second, that is a pretty good track record.

Posted by Aaron Tiensivu in Other OS info, Personal, Security at 12:53 | Comments (0) | Trackbacks (0)

(Page 1 of 1, totaling 1 entries)