__/ [John Bokma] on Thursday 13 October 2005 03:20 \__
> Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> wrote:
>
>> __/ [John Bokma] on Thursday 13 October 2005 01:34 \__
>>
>>> Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> wrote:
>
> [ referer spam ]
>
>> counties of shame which I can identify are China, Russia, Singapore,
>> South Korea and Mexico (sorry!) among others.
>
> Mexico is big, and many computers are in Internet cafes (at least where
> I live), so probably easy to infect, and the owners don't care too much
> (probably clean up once a week using Ghost, or just don't care).
One would imagine.
Client: "Hey dude, why is this computer so slow? It takes me ages to send an
E-mail and my time runs out."
Internet Cafe Owner: "It's lunchtime. Network busy."
Roy (halfway across the globe): "Dammit! The server has got so many tasks
queued."
I blame Micro$oft. Code $paghetti.
>> Yes, your word on zombies was the first thing that sprung to my mind.
>> They get more and more of these each day.
>
> 2 days ago 3 people got arrested in the Netherlands. They had a bot net
> of 100,000 infected computers. And contrary to the news, that one is
> just a small one :-(
Yes, I read about it in several feeds. It hit some big headlines in
mainstream media.
>>>> Have
>>>> you got any tricks up your sleeves? I know some tools that combat
>>>> this, but they need console access if not root access too.
>>>
>>> check the referer and -F if it's a known uri.
>>
>> It's quite diverse as I said.
>
> But maybe there is a pattern, like they have sex, viagra, or something
> like that in it?
The referral URL's are mainly from Tonga, but there are dozens of these blue
chip Web sites.
>> It's only a matter of time until the
>> spammers find a workaround, in which case the work was all in vain. I
>> can't figure out why somebody would want to waste so much bandwidth
>> attacking a site like mine for weeks.
>
> Some sites publish referers. If the site has a good PageRank, they get a
> link back. Also, there are always people checking the referer, and
> presto, a visitor.
Yes, I know. In this case, I think it's intended to vandalise though.
>> There is no financial incentive
>> for the spammers, right? I dread the day of gigabit Ethernet in places
>> like HK. Imagine youself the same sort of attack on hosts in east
>> Europe, for example, as opposed to London.
>
> Doesn't matter. Nowadays you just infect thousands and thousands of
> computers. Like my Mexico example, I think people who own a computer are
> (just a very little) bit more careful.
So my site survival now depends on people's willingness to get their s***
together and use anti-malware or drop the worst O/S on this planet... ain't
gonna happen any time soon, right?
Roy
--
Roy S. Schestowitz | "Black holes are where God is divided by zero"
http://Schestowitz.com | SuSE Linux | PGP-Key: 74572E8E
3:50am up 48 days 16:04, 3 users, load average: 0.23, 0.31, 0.41
http://iuron.com - next generation of search paradigms
|
|