GeoIP origins of malicious network activity
Sunday, April 28th, 2013I have previously written that GeoIP data is not a reliable source for definitive data analysis – it is, however, a reasonable indicator. The numbers below are from a single server (logged during the past few years) and don’t really provide any surprises. Some things to keep in mind: raw IP information is only an Continue reading →
BSD Milter-greylist smfi_main error – won’t start after ‘system upgrade’
Thursday, November 15th, 2012Ok, you have a system that you partially manage (the ISP updates/installs ‘system’ level goodies like networking, foundation email binaries, system level libraries, etc.) All works well for months (or longer) and then, you start getting SPAM from Country ZZ (which you are sure you ‘banned’ using milter-greylist.) Hmm.. In my, case I also get Continue reading →
WordPress – BotNet Login Hacking Attacks
Friday, May 11th, 2012So, why should you use login restrictions or a Login monitor (plugin or other solution) for your WordPress site? Just one reason – from one day of web logs for one domain – there were no successful logins during this ‘attack’. 5/9/2012 Fail | Start/Stop | IP address | GeoIP Info —–|——————-|—————–|—————————————- 1. 1 Continue reading →
Abuse from BingBot – 2012
Tuesday, March 13th, 2012Stardate errr, ummm, well 3/12/2012 (Monday.) Hopefully this will not persist… I have sent a message via the Bing.com ‘feedback’ page. I have sent an email via a published bingbot email address. No response from Bing.com after ~15 hours… I have established a ‘503’ response for ALL Bingbot requests. Update 3/15/2012 Late in the day Continue reading →
Banning ‘Bad’ Robots & Crawlers
Saturday, February 4th, 2012Every now and then I see web traffic spikes due to ‘bad’ web crawlers – So what is a ‘bad bot’ or ‘bad web crawler’ or ‘bad web spider’? Virtual Rights – do we have any? Not really – I think that we should have expectations of non-abusive access to any resource that we have Continue reading →
« Previous Entries