Comments on: Squashing Zombie Armies By Moving Server? https://schestowitz.com/Weblog/archives/2006/08/31/squashing-zombie-armies-by-moving-server/ Reflections on Technology Wed, 11 Feb 2026 11:00:17 +0000 hourly 1 https://wordpress.org/?v=3.9.40 By: Roy Schestowitz https://schestowitz.com/Weblog/archives/2006/08/31/squashing-zombie-armies-by-moving-server/comment-page-1/#comment-15922 Thu, 31 Aug 2006 17:56:13 +0000 http://schestowitz.com/Weblog/archives/2006/08/31/squashing-zombie-armies-by-moving-server/#comment-15922 Every once in a while there’s some suspicious activity, which leads to (manual) IP-based bans. Currently I have:

194.223.232.72
208.66.195.
209.160.72.219
217.172.39.227
30.19.127.87
4.78.166.134
69.195.31.162
72.232.223.194
87.127.19.30

They all devoured a lot of resources at some stage in August. I flush these lists periodically, but I also report abuse to the ISP’s, whose opinion intersects with mine. There is too much malware and cracker activity. Some are testing spamming scripts (from a collection of Windows zombies, of course), which leads to closing of many involvement-related features on the site, e.g. Wikis, forum registration, comments on older blog posts, Guestbook, etc. The IP addresses are all over the place and it’s impossible to discriminate against user-agent which contains “Windows”. Some ratbots will also forge HTTP headers, potentially pretending to be Googlebot.

]]> By: Justin Joseph https://schestowitz.com/Weblog/archives/2006/08/31/squashing-zombie-armies-by-moving-server/comment-page-1/#comment-15921 Thu, 31 Aug 2006 17:38:20 +0000 http://schestowitz.com/Weblog/archives/2006/08/31/squashing-zombie-armies-by-moving-server/#comment-15921 Roy wrote:
>Yesterday I spotted an unidentified bot (probably illegitimate) which devoured half a gigabyte of pages from my site. It’s costing resources and money.

Forgive my ignorance but Isn’t there any way to stop this ?

with regards
justin

]]>