| Pages: 1 2 3 4 :: [one page] |
|
|
| Author |
Thread Statistics | Show CCP posts - 0 post(s) |
|
Chribba
Otherworld Enterprises
Otherworld Empire
   |
Posted - 2007.01.03 15:54:00 -
[1]
For the past days I've been fighting Chinese spam-networks with temporary success.
Bots roaming through links in search for email addresses to abuse have been hitting EVE-Files hard in the past days, and for some reason they seem to have trouble with movie files - and as you know EVE-Files contains LOTS of movies.
The result is that the bots keep requesting the movies over and over again taking up massive amounts of resources. Until a few days ago I've been limiting the amount of multiple connections to EVE-Files at a hard 5,000. Once the bots start making requests this limit was reached within minutes causing all other requests to be denied (some of you may have noticed unusual errors when trying to connect).
I then decided to increase the limit by the double, a normal day there is usually 1,500-2,000 simultaneous connections, so 5,000 should have been enough easily. Earlier today the new limit of 10,000 wasn't enough. Aprox 8,500 of these connections belonged to around 10-12 different IP's - sure my Veldspar movies are popular... but not that popular. 
So, before taking the decision to block out a major part of all China IP's I am doing some changes to EVE-Files requests, this will have a negative impact to some users and for that I am sorry but this is getting out of hand and I chose to do this way before it is too late and hope that it works out for the better.
Many of these bots strange as it might be are using Norton Internet Security Personal Firewall. As I've been watching these bots connected and keeping an eye on their activity I've noticed that they keep sending "Weferer" headers rather than "Referer" ones.
Some quick Googling on the subject reveals the following:
Leon Degeling of www.consumentenbond.nl emailed me to let me know what
it was - its caused by the Norton Internet Security personal firewall,
which creates it as part of its referer mangling process.
So, phase one is that I've simply blocked all requests using "Weferer" headers. So for those of you who use NISPF you may get blocked too, my suggestion is that you switch fw  or at least see if there is any way of not modifying "Referer" headers (I have no clue if this is possible or not).
Depending on how this turns out will aid me in future steps, unfortunately blocking the major parts of China's IP-ranges may become a reality.
Sorry for any trouble this may cause you. But feel free to whine as that would get me an indication on how many non-spammers I affect with this change.
/c
EVE-Files | EVE-Search | Monitor this Thread |
|
Jim McGregor
|
Posted - 2007.01.03 15:56:00 -
[2]
Edited by: Jim McGregor on 03/01/2007 16:00:28
Isnt it better to just block their IP range? 10-12 different IP's doesnt sound that much.
---
Eve Wiki | Eve Tribune | Eve Pirate |
Rakeris
Legio VIII
|
Posted - 2007.01.03 16:01:00 -
[3]
I say just block the IP range. :p
But a better question may be, why are they doing it? 0.o
----------
I gave up on sigs. As all the beatings are starting to hurt and leave nasty bruises. |
Trek
Minmatar
N.A.G.A Corporation
|
Posted - 2007.01.03 16:03:00 -
[4]
How about using a pf firewall or similar and block the ip adress once it has made x connection attempts in the last 10 minutes or something? Suitable numbers would be up to you to calculate since you know more than anyone about the usage statistics. 
I use this on my own network since I got sick of having hundreds, sometimes thousands, of failed ssh login attempts every day in my security logs.
(oh and greetings from an old corpmate!)
---
My other ship is a Reaper
|
Smagd
Encina Technologies
Namtz'aar k'in
|
Posted - 2007.01.03 16:04:00 -
[5]
Or limit their bandwidth (a.k.a. tarpitting). They'll take 2 weeks to download the first few movies and their own open connection limit will run out.
--
|
|
Chribba
Otherworld Enterprises
Otherworld Empire
|
Posted - 2007.01.03 16:05:00 -
[6]
 Originally by: Jim McGregor
Edited by: Jim McGregor on 03/01/2007 16:00:28
Isnt it better to just block their IP range? 10-12 different IP's doesnt sound that much.
The 8,500 connections today was from 10-12 different, I have about 250 Chinese spam IP's blocked, they reside in huge IP-ranges among normal DSL customers, so I block them now and in 2 hours they've switched IP's and come back. So the only way for me to block them would be to block the entire subnets, we're talking multiple B-range networks here.
For example, one network would be 222.16.0.0-222.95.255.255, that's 5,136,975 IP's on that range. Then add a few more of those and I've blocked a larger part of China.
EVE-Files | EVE-Search | Monitor this Thread |
|
Beef Hardslab
The 5 Amigo's LLC.
|
Posted - 2007.01.03 16:05:00 -
[7]
Originally by: Rakeris
I say just block the IP range. :p
But a better question may be, why are they doing it? 0.o
Haven't you heard? Chribba is the King of Veldspar, and it's obvious to me that they seek to undermine his throne and pilfer all his master techniques.
/me waits for the fleet of Dread mining bots
|
Illegal
KDM Corp
Firmus Ixion
|
Posted - 2007.01.03 16:06:00 -
[8]
Originally by: Chribba
Bots roaming through links in search for email addresses to abuse have been hitting EVE-Files hard in the past days, and for some reason they seem to have trouble with movie files - and as you know EVE-Files contains LOTS of movies.
^^ Thats why.
--
|
Jim McGregor
|
Posted - 2007.01.03 16:10:00 -
[9]
Originally by: Chribba
Originally by: Jim McGregor
Edited by: Jim McGregor on 03/01/2007 16:00:28
Isnt it better to just block their IP range? 10-12 different IP's doesnt sound that much.
The 8,500 connections today was from 10-12 different, I have about 250 Chinese spam IP's blocked, they reside in huge IP-ranges among normal DSL customers, so I block them now and in 2 hours they've switched IP's and come back. So the only way for me to block them would be to block the entire subnets, we're talking multiple B-range networks here.
For example, one network would be 222.16.0.0-222.95.255.255, that's 5,136,975 IP's on that range. Then add a few more of those and I've blocked a larger part of China.
You are right, that sounds like a bad solution...
How about forcing people to register? At least then you can disallow downloads from anyone not registered, and also block accounts that take too much bandwidth (maybe automatically too).
---
Eve Wiki | Eve Tribune | Eve Pirate |
Verus Potestas
Caldari
The I-Win Button
|
Posted - 2007.01.03 16:10:00 -
[10]
Originally by: Jim McGregor
Isnt it better to just block their IP range? 10-12 different IP's doesnt sound that much.
You'd be surprised. If it's subnets rather than IPs, it could be hundreds of thousands of connections. Even if it's just IPs, there are single IPs used by over a million people...
---
In third-party forums we trust
Did i ask for anyone to copy this into their sig? No, ****heads, its my text, not yours.
|
|
|
|
Chribba
Otherworld Enterprises
Otherworld Empire
|
Posted - 2007.01.03 16:11:00 -
[11]
Edited by: Chribba on 03/01/2007 16:14:37
Originally by: Trek
How about using a pf firewall or similar and block the ip adress once it has made x connection attempts in the last 10 minutes or something? Suitable numbers would be up to you to calculate since you know more than anyone about the usage statistics.
I use this on my own network since I got sick of having hundreds, sometimes thousands, of failed ssh login attempts every day in my security logs.
(oh and greetings from an old corpmate!)
Originally by: Smagd
Or limit their bandwidth (a.k.a. tarpitting). They'll take 2 weeks to download the first few movies and their own open connection limit will run out.
Only thing stopping me from using additional PF or tarpits is the current setup as I would have to modify the network, servers rather than running on how it is set up now - which is not my most wanted thing to change, but both ways are suitable.
As for what they want... My guess is that they are email harvesters as I find their IP's being blocked in common mail block-lists as well. But they most likely screw up when trying to get a movie. Once they get redirected to my "blocked" page, the requests stop until a new bot comes back.
Originally by: Jim McGregor
How about forcing people to register? At least then you can disallow downloads from anyone not registered, and also block accounts that take too much bandwidth (maybe automatically too).
These bots requests files right off links (could be your signature image, your linkage to your latest screenshot or movie), so registering would only make things even worse as then EVERYONE would have to like "sign in" to see Mr Alt's signature on his EVE-O post.
And I really don't want to block someone's account just because of bots, imagine you relase a video - your enemies starts to mass download it, I block your account since it uses too much bw = everyone else sad coz they can't see your video or your signature.
EVE-Files | EVE-Search | Monitor this Thread |
|
Verus Potestas
Caldari
The I-Win Button
|
Posted - 2007.01.03 16:13:00 -
[12]
Are you sure it's harvesting, rather than deliberate DOS attacks? I'm willing to bet you've been contacted by several people in China asking for advertising space on Eve-files, some of whom might be offended by your rejections...
---
In third-party forums we trust
Did i ask for anyone to copy this into their sig? No, ****heads, its my text, not yours.
|
|
Chribba
Otherworld Enterprises
Otherworld Empire
|
Posted - 2007.01.03 16:19:00 -
[13]
Originally by: Verus Potestas
Are you sure it's harvesting, rather than deliberate DOS attacks? I'm willing to bet you've been contacted by several people in China asking for advertising space on Eve-files, some of whom might be offended by your rejections...
They looks pretty 'bot'-ish in my eyes, the requests are fairly common/new movies, those referers that does come through are from like bbs.eve-china.com and newly posted topics there with most likely normal linkage of user videos. So targetted attack, doubt it.
EVE-Files | EVE-Search | Monitor this Thread |
|
Makree
Ubar Asteroid Hugging Collective
|
Posted - 2007.01.03 16:19:00 -
[14]
Personally I would block the whole of the APNIC address space. But then you would the Aussies moaning.
Are the abusive IPs in the XBL?
If so can you look this up before blocking?
|
Verus Potestas
Caldari
The I-Win Button
|
Posted - 2007.01.03 16:21:00 -
[15]
Originally by: Makree
Personally I would block the whole of the APNIC address space. But then you would the Aussies moaning.
That's really fair. 12 bots get half the interblag blocked?
---
In third-party forums we trust
Did i ask for anyone to copy this into their sig? No, ****heads, its my text, not yours.
|
Trek
Minmatar
N.A.G.A Corporation
|
Posted - 2007.01.03 16:22:00 -
[16]
Originally by: Chribba
Only thing stopping me from using additional PF or tarpits is the current setup as I would have to modify the network, servers rather than running on how it is set up now - which is not my most wanted thing to change, but both ways are suitable.
Since I don't know anything about how your stuff is set up this might be a shot in the dark... But how about setting up a transparent ethernet bridge and then use pf on the bridge to limit the connections one way or another. Using a transparent bridge should make your network seem unchanged both from the outside and from the inside.
---
My other ship is a Reaper
|
|
Chribba
Otherworld Enterprises
Otherworld Empire
|
Posted - 2007.01.03 16:23:00 -
[17]
Originally by: Makree
Personally I would block the whole of the APNIC address space. But then you would the Aussies moaning.
Are the abusive IPs in the XBL?
If so can you look this up before blocking?
That would be my last option tbh but indeed it would solve the problems
Some of the IP's are found in various BL's yes. I don't have time nor interest to check up on each one though, and no way of doing this per auto, unless you all want to spend some 20 sec extra before loading any file just because I have to do an IP-check on you - super last option lol
EVE-Files | EVE-Search | Monitor this Thread |
|
|
Chribba
Otherworld Enterprises
Otherworld Empire
|
Posted - 2007.01.03 16:27:00 -
[18]
Originally by: Verus Potestas
Originally by: Makree
Personally I would block the whole of the APNIC address space. But then you would the Aussies moaning.
That's really fair. 12 bots get half the interblag blocked?
It was 12 today, as I said they change IP and come back. If it had been just the 12 I'd drop only those and we're good. But they switch and come back.
Originally by: Trek
Edited by: Trek on 03/01/2007 16:23:35
Originally by: Chribba
Only thing stopping me from using additional PF or tarpits is the current setup as I would have to modify the network, servers rather than running on how it is set up now - which is not my most wanted thing to change, but both ways are suitable.
Since I don't know anything about how your stuff is set up this might be a shot in the dark... But how about setting up a transparent ethernet bridge and then use pf on the bridge to limit the connections one way or another. Using a transparent bridge should make your network seem unchanged both from the outside and from the inside. Hopefully you wouldn't have to change any other stuff then!
Yeah that's what I most likely would do, but get some new hardware for the bridge first = money = Not first option.
Other options would be to block certain referers as well.
EVE-Files | EVE-Search | Monitor this Thread |
|
Verus Potestas
Caldari
The I-Win Button
|
Posted - 2007.01.03 16:28:00 -
[19]
Originally by: Chribba
Originally by: Verus Potestas
Originally by: Makree
Personally I would block the whole of the APNIC address space. But then you would the Aussies moaning.
That's really fair. 12 bots get half the interblag blocked?
It was 12 today, as I said they change IP and come back. If it had been just the 12 I'd drop only those and we're good. But they switch and come back.
12 bots, not 12 IPs 
---
In third-party forums we trust
Did i ask for anyone to copy this into their sig? No, ****heads, its my text, not yours.
|
Tara Konsidor
|
Posted - 2007.01.03 17:09:00 -
[20]
you could define rate limits like 20 simultanous open connections/ip
unfortunately I've no idea how to do that under win2k3 server 
|
|
|
NebulousBlur
Minmatar
Unknown Shoe Corp.
SMASH Alliance
|
Posted - 2007.01.03 17:17:00 -
[21]
Would you be able to implement any sort of CAPTCHA for files over a given size?
Maybe a custom version of kitten auth with different roid/mineral types :D
http://www.kittenauth.com/
|
Turix
Interstellar eXodus
R0ADKILL
|
Posted - 2007.01.03 17:21:00 -
[22]
Maybe input some kind of alphanumerical verification on larger files or certain ip ranges - im sure some people wouldnt mind putting 4 random no/letters in if it helps fix the server.
|
Randay
0utbreak
|
Posted - 2007.01.03 17:33:00 -
[23]
is that why im getting emails for viagla?
|
Verus Potestas
Caldari
The I-Win Button
|
Posted - 2007.01.03 17:37:00 -
[24]
Originally by: Randay
is that why im getting emails for viagla?
I'm so ronery 
---
In third-party forums we trust
Did i ask for anyone to copy this into their sig? No, ****heads, its my text, not yours.
|
Yarek Balear
The Initiative
|
Posted - 2007.01.03 17:41:00 -
[25]
Originally by: Randay
is that why im getting emails for viagla?
You're supposed to swallow them, not leave them sitting on your tongue making that hard !!!
|
Montaire
Lacedaemon.
Sparta Alliance
|
Posted - 2007.01.03 17:44:00 -
[26]
I deal with crap like this on a professional level. Do you want to get together (voice/video/whatever conference) and see if maybe we can apply some industrial strength solutions ?
|
SasRipper
DIE WITH HONOUR
|
Posted - 2007.01.03 18:19:00 -
[27]
Just block china
Is there really that many chinse legimate users?
They have there own sever let them get there own eve-files if they are going to abuse yours.
|- Insert witty sig here -|
Save Radar Scanner Man!
|
Khnaedra D'Val
Black Knight Buccaneers
Center for Disease Creation
|
Posted - 2007.01.03 18:33:00 -
[28]
I'd have to say going with half-hearted measures would equate to fighting a losing battle, but if you can clamp down on all the bot-connections without having to block out entire subnets, that's probably going to make it easier to avoid blocking genuine requests.
However, one of the forums I help to run has 10 class-A subnets blocked; not counting network/broadcast addresses, that's 42,949,672,960 IP addresses that cannot access them (it was a ridiculous amount more work to remove all the spam posts from one-post members we were noticing popping up far too regularly, from various parts of Asia and South America).
Best of luck finding a solution that stops them connecting to what is an extremely valuable tool for EvE!
|
Agent Lemming
|
Posted - 2007.01.03 18:48:00 -
[29]
Originally by: Chribba
Originally by: Jim McGregor
How about forcing people to register? At least then you can disallow downloads from anyone not registered, and also block accounts that take too much bandwidth (maybe automatically too).
These bots requests files right off links (could be your signature image, your linkage to your latest screenshot or movie), so registering would only make things even worse as then EVERYONE would have to like "sign in" to see Mr Alt's signature on his EVE-O post.
No idea if this would work or not, but would it be possible to have selective requirements for registering, ie something along the lines of movie files, or files above a certain size, need registering before they can be viewed?
|
Gone'Postal
Minmatar
LuthorCorp Combat Division
|
Posted - 2007.01.03 18:49:00 -
[30]
Chribba, why not just make it per user account. Give everyone a set number of MB, if they require more then they have to E-mail one of the players you have givin rights to, Maybe head of alliances should have a unlimited account however thats IP locked to stop them giving it out, if there IP changes they have to E-mail you to request there change to there account.
even if it won't help with this matter it should cut down on the ammout of files you have to look at each day to keep the server nice and clean.
Known Issues & Workarounds - The forum to fix the issues of Eve... Godhelp us if the Devs start trying to. |
|
|
Nir
The Doldrums
|
Posted - 2007.01.03 19:01:00 -
[31]
I doubt that there will be many people truely effected by an IP range block. Its not as if they couldn't ask their friends or corp mates to host files on another site like FileFront if needed..
|
Soporo
|
Posted - 2007.01.03 20:08:00 -
[32]
Oh look, more problems from China, fancy that... |
Lyria Skydancer
Amarr
Queens of the Stone Age
Anarchy Empire
|
Posted - 2007.01.03 20:58:00 -
[33]
Intresting. I was running an ftp server at home for a long time and ALL spam/entry attempts were traced back to china. They sure seem to love running those bots. Id just ban the whole range tbh.
|
Xaroth Brook
Minmatar
Doomcraft
|
Posted - 2007.01.03 21:14:00 -
[34]
Chribba, maybe 'limiting' the amount of hits PER IP/<timespan> rather than a 'global' limit, and apply that to files >X bytes.
Example:
any single IP can only request 2 files OVER 524288 bytes (512kB) PER minute.
that way, the 12 different ip's can only request 24 files per minute, rather than.. 9k?
for the people who use it 'normally' won't notice it that much, plus the forum signatures won't be affected...
-=-=-=-=-=-=-=-=-=-=-=-=-
Xaroth Brook
Brainiac of Doomcraft |
Verus Potestas
Caldari
The I-Win Button
|
Posted - 2007.01.03 21:17:00 -
[35]
Originally by: Xaroth Brook
Chribba, maybe 'limiting' the amount of hits PER IP/<timespan> rather than a 'global' limit, and apply that to files >X bytes.
Example:
any single IP can only request 2 files OVER 524288 bytes (512kB) PER minute.
that way, the 12 different ip's can only request 24 files per minute, rather than.. 9k?
for the people who use it 'normally' won't notice it that much, plus the forum signatures won't be affected...
I like the idea.
---
In third-party forums we trust
Did i ask for anyone to copy this into their sig? No, ****heads, its my text, not yours.
|
Jin Jemai
Caldari
Nightgliders
Ushra'Khan
|
Posted - 2007.01.03 21:19:00 -
[36]
Chribba
Recently I've been using a program called Free download manager to download vids off of eve-files. Is this sort of program that creates a small number of limited connections to download a single file causing similar negative effects as well?
|
Hakera
Freelance Unincorporated
Ushra'Khan
|
Posted - 2007.01.03 21:29:00 -
[37]
Originally by: Jin Jemai
Chribba
Recently I've been using a program called Free download manager to download vids off of eve-files. Is this sort of program that creates a small number of limited connections to download a single file causing similar negative effects as well?
well you are creating more server work and using up a little more of whatever max pipe he has (think chribba still uses a max pipe, ul BW deal) but I dont think your a drop in the ocean to 9k bot requests :)
|
|
Chribba
Otherworld Enterprises
Otherworld Empire
|
Posted - 2007.01.03 21:53:00 -
[38]
Originally by: Xaroth Brook
Chribba, maybe 'limiting' the amount of hits PER IP/<timespan> rather than a 'global' limit, and apply that to files >X bytes.
Example:
any single IP can only request 2 files OVER 524288 bytes (512kB) PER minute.
that way, the 12 different ip's can only request 24 files per minute, rather than.. 9k?
for the people who use it 'normally' won't notice it that much, plus the forum signatures won't be affected...
Got any software/hardware that does this for me and I'll have a closer look?
Originally by: Hakera
Originally by: Jin Jemai
Chribba
Recently I've been using a program called Free download manager to download vids off of eve-files. Is this sort of program that creates a small number of limited connections to download a single file causing similar negative effects as well?
well you are creating more server work and using up a little more of whatever max pipe he has (think chribba still uses a max pipe, ul BW deal) but I dont think your a drop in the ocean to 9k bot requests :)
Exactly, there's always multiple connections from every IP, loading for example 4 different signature images from a thread, download managers etc but I seriously doubt that your download manager opens up more than 20 pipes at the same time.
EVE-Files | EVE-Search | Monitor this Thread |
|
Dark Kavar
Caldari
Even-Flow
Legiones Astartes
|
Posted - 2007.01.03 21:59:00 -
[39]
I use norton anti-virus, but I guess I can live without eve-files
I am in your system, mining your veldspar |
Kahor
Minmatar
Coreli Corporation
Corelum Syndicate
|
Posted - 2007.01.03 22:02:00 -
[40]
Originally by: Dark Kavar
I use norton anti-virus, but I guess I can live without eve-files
Make yourself a favor, and use avast antivirus.
Friendly advice.
----------------
An eye for an eye make a whole world blind.
|
|
|
Xaroth Brook
Minmatar
Doomcraft
|
Posted - 2007.01.03 22:04:00 -
[41]
Originally by: Chribba
Originally by: Xaroth Brook
Chribba, maybe 'limiting' the amount of hits PER IP/<timespan> rather than a 'global' limit, and apply that to files >X bytes.
Example:
any single IP can only request 2 files OVER 524288 bytes (512kB) PER minute.
that way, the 12 different ip's can only request 24 files per minute, rather than.. 9k?
for the people who use it 'normally' won't notice it that much, plus the forum signatures won't be affected...
Got any software/hardware that does this for me and I'll have a closer look?
Originally by: Hakera
Originally by: Jin Jemai
Chribba
Recently I've been using a program called Free download manager to download vids off of eve-files. Is this sort of program that creates a small number of limited connections to download a single file causing similar negative effects as well?
well you are creating more server work and using up a little more of whatever max pipe he has (think chribba still uses a max pipe, ul BW deal) but I dont think your a drop in the ocean to 9k bot requests :)
Exactly, there's always multiple connections from every IP, loading for example 4 different signature images from a thread, download managers etc but I seriously doubt that your download manager opens up more than 20 pipes at the same time.
.htaccess combined with php?
-=-=-=-=-=-=-=-=-=-=-=-=-
Xaroth Brook
Brainiac of Doomcraft |
Ultim8Evil
Lunar Dawn
Storm Armada
|
Posted - 2007.01.03 22:05:00 -
[42]
Block China 4tw.
If they can get their own special EVE server, they can damn well get their own EVE-Files site.
--------------------------------------------------------------------
|
|
Chribba
Otherworld Enterprises
Otherworld Empire
|
Posted - 2007.01.03 22:24:00 -
[43]
Originally by: Dark Kavar
I use norton anti-virus, but I guess I can live without eve-files
This is regarding Norton Internet Security Firewall mofo, if you can access EVE-Files now, then you are OK as I put in the block a few hours ago.
/c
EVE-Files | EVE-Search | Monitor this Thread |
|
Thommy
|
Posted - 2007.01.03 22:56:00 -
[44]
Edited by: Thommy on 03/01/2007 23:01:50
Even though maybe a somewhat easy solution to just grab other people their code (though that site has been set up just for this reason), but it seems to be very complete.
See Hotscripts got some examples.
The first called netquery seems promising (given PHP is what you do need).
There are more sorts of code but in this case i think its best not to reinvent the wheel but to use an proven excisting packet.
On a sidenote i believe AJAX has some nice scripting for this task aswell though i cant find a good example where it is deployed (though i can imagine google useing it).
*edited for proper link
Guide to fix eve problems.
Cleanup your cache with my cache tool |
Niaski Zalani
Infinitus Odium
|
Posted - 2007.01.03 23:09:00 -
[45]
Well, it might be better to mod your code some and keep track of requests, see how many reqs/sec come in, or whatever means you have to determine if an IP is being abusive or not, then stick em in the firewall or something.
If you wouldn't be using asp (I guess you still are :P) and running on Linux with Apache I'd have just the perfect Apache module for you :D
yarr. |
Xaroth Brook
Minmatar
Doomcraft
|
Posted - 2007.01.03 23:52:00 -
[46]
IIS w/ ASP / Apache w/ ASP will work as well, as long as there's some kind of url rewriting done to proxy all requests through a script...
But I talked to a mate of mine who knows more about this ****.. he said that it'd be less effort to just ban the entire content of China from accessing the files.
-=-=-=-=-=-=-=-=-=-=-=-=-
Xaroth Brook
Brainiac of Doomcraft |
Chamadra
|
Posted - 2007.01.04 00:25:00 -
[47]
Edited by: Chamadra on 04/01/2007 00:31:54
Edited by: Chamadra on 04/01/2007 00:31:25
I don't imagine this would work since it's unlikely the bots will be well behaved. But it's simple and easy to try. Have you created a robots.txt file and then deny access to your site by putting:
User-agent: *
Disallow: /
in the txt file. Most likely the bots created by them will just ignore this but they may not as the standard is to follow the instructions in this file and if they are creating bots from a standard framework it may just work. This file should be placed at the site root.
|
Chamadra
|
Posted - 2007.01.04 00:30:00 -
[48]
The other possibility would be to use buttons and drop downs instead of hard code links. Then use php scripting or something to retreive the page content. That way your requests would look like mysite.com/getfile.php&file=1 or something similar. That would obscure your content from the bots and prevent them from being able to easily search your site.
|
ollobrains
Privateers
Privateer Alliance
|
Posted - 2007.01.04 01:03:00 -
[49]
im just wondering with the taiwan cable down perhaps the chinesse are looking for a way to route their traffic elsewhere like using remote ping in australia UAE etc.
The net itself since the fibre optics in taiwan were cut seems to be dodgy. Playing eve is dangerous
Pick out the say the worst 5 offending IPs and block them or just require registration and then limit the amount per registered account. Make registration a bit difficult to thro use of manual conformation etc
Perhaps the chinesse eve players want movies on how to mega mine veld via the chinesse test server lol.
|
|
Chribba
Otherworld Enterprises
Otherworld Empire
|
Posted - 2007.01.04 10:44:00 -
[50]
For those of you who love stats and stuff like that, this is what a normal China-visitor-day looks like on my screen.
Linkage
And as you can see they connect and just keep requesting stuff, this guy however was nice enough to only use one connection, some of the bots seem to have bigger problems as they spam with connections.
EVE-Files | EVE-Search | Monitor this Thread |
|
|
|
Michael Lonewolf
Caldari
|
Posted - 2007.01.05 07:08:00 -
[51]
I know it's not constructive...but you know, China has some harsh laws anyway, when are they going to enact a death penalty for spammers? After all, spammers really are just thieves on all (computing) humanity's time.
|
voogru
Gallente
Massive Damage
|
Posted - 2007.01.05 07:08:00 -
[52]
I used to have problems on my site with bots and all kinds of evil things.
I blocked all of the Chinese IP ranges.
The problems suddenly went away. Maybe it's the way the government wants to censorship, spam everyone else until they block China in order to stop the spam.
|
ghost st
|
Posted - 2007.01.05 07:12:00 -
[53]
Edited by: ghost st on 05/01/2007 07:18:45
Theyre trying to get to chribba's secret veld-p0rn collection!
|
Tareen Kashaar
eXin Alliance
|
Posted - 2007.01.05 07:12:00 -
[54]
Originally by: Michael Lonewolf
I know it's not constructive...but you know, China has some harsh laws anyway, when are they going to enact a death penalty for spammers? After all, spammers really are just thieves on all (computing) humanity's time.
In a way, that's like saying you're a thief for stealing my breathing air.
Good luck with fixing this Chribba, and just letting you know your service to this community is very much appreciated :)
---
WTS: Forum Signatures, 30mil a piece. Evemail me!
|
gfldex
|
Posted - 2007.01.05 07:41:00 -
[55]
Originally by: Xaroth Brook
Chribba, maybe 'limiting' the amount of hits PER IP/<timespan> rather than a 'global' limit, and apply that to files >X bytes.
AFAIK a lot FW got limits on the tables that hold the accounting data. If there are to many connections in a short period of time the tables overflow and wont have much of an effect.
--
$ perl -n -e 'print "Stop blameing pirates! Oveur is the root of all evil!\n" if m/podkill|lost my ship|gank|gate camp|Verone/;'
|
Xsag
Caldari
School of Applied Knowledge
|
Posted - 2007.01.05 08:12:00 -
[56]
norton personal firewall or anything norton based is junk anyway
PUNISH THE FOOLISH!!!
:-)
~n00b of all trades~
~~Airkio~~ / ~~Muvolailen~~
~if im posting on here its cos im in work~ |
Garia666
Amarr
adeptus gattacus
Lotka Volterra
|
Posted - 2007.01.05 08:29:00 -
[57]
Quote:
Leon Degeling of www.consumentenbond.nl emailed me to let me know what
it was - its caused by the Norton Internet Security personal firewall,
which creates it as part of its referer mangling process.
( no idea if your dutch or not ) but..
First of all the consumentenbond is a respected and powerfull organisation in the netherlands that protect the dutch public from making mistakes or give out an advise on which product is better then the other and give an explenation why..
my suggestion besides what you are doing already to resolve the problem, is to mail @ Norton and ask them for an official statement.. Mabe they are working on an patch. or mabe they arent aware of the problem with there software.
regards
g6
->My Vids<- CCP= More skilz more moneh! |
Stevie mcStepherson
Second Wave Supplies
|
Posted - 2007.01.05 08:38:00 -
[58]
One way that we at work stop bots from harvesting email addresses etc is to have a little script that checks if the request has come directly from the server or if it is from a user.
So what then happens is if a user then clicks on the contact us link it will go to the contact us page.
if someone types it in on the url bar it redirects to a blank page.
It may not be 100% perfect but we hate spammers  .
anyway in theory you could expand on this code, put the eve-o servers on the "allow list" and still have the same functionality for the sigs. Links to videos would have to go to a page with a link on that the user has to "click" to access the video.
Drop me a mail if you would like to look at this php code.
|
Boo Koo
|
Posted - 2007.01.05 09:01:00 -
[59]
just have a new banner made for the site with links to anti Chinise goverment information... you will find in days that they will block access to the site for you
|
voogru
Gallente
Massive Damage
|
Posted - 2007.01.05 18:51:00 -
[60]
Originally by: Boo Koo
just have a new banner made for the site with links to anti Chinise goverment information... you will find in days that they will block access to the site for you
Just put a bunch of keywords.
Starting with democracy, human rights, and justice.
|
|
|
Rumbaar
Solitary Forsaken
|
Posted - 2007.01.06 08:35:00 -
[61]
Wouldn't blocking the IP range just force them to move to another country? I know I get a lot of attacks from open proxies in Russia and various European countries.
Also you've also made it clear to others that making people register would be not an option, people would also need to know that these spammers/bots quickly have steps in place to automate any registration process and just make accounts to trawl.
It's a tough problem and I wish you well Chribba in your war.
___________________
Custom banner? Click above or EVEmail |
Rooker
|
Posted - 2007.01.06 15:58:00 -
[62]
This is a trick that I used on a web site. Have a hidden link near the top of every page (use CSS to hide it from browsers). Exclude the page in your robots.txt file so legitimate bots will leave it alone. A bot is going to ignore the CSS and hit the link looking for addresses. A real user won't ever know it's there (unless they're peeking at the HTML). Block every IP address that hits the hidden page or redirect it to a captcha.
---
Space For Rent |
El Berto
Dirty Deeds Corp.
Axiom Empire
|
Posted - 2007.01.06 17:22:00 -
[63]
Just offer to host a Falun Dafa website, the chinese government will sort the problem for you
Seriously, good luck. Please post your final solution - should be quite interesting.
-------
Its great being Caldari. |
Anna Bok
|
Posted - 2007.01.06 17:47:00 -
[64]
Originally by: Chribba
For those of you who love stats and stuff like that, this is what a normal China-visitor-day looks like on my screen.
Linkage
And as you can see they connect and just keep requesting stuff, this guy however was nice enough to only use one connection, some of the bots seem to have bigger problems as they spam with connections.
China don't download my movie 
|
Elendar
Slacker Industries
|
Posted - 2007.01.07 01:17:00 -
[65]
Originally by: voogru
Originally by: Boo Koo
just have a new banner made for the site with links to anti Chinise goverment information... you will find in days that they will block access to the site for you
Just put a bunch of keywords.
Starting with democracy, human rights, and justice.
Sadly enough this probably is the easiest solution
Originally by: ph33rf4ct0ry
Xirt must be one of the GREAT leaders in eve to keep you guys shooting shuttles in hophib
|
Maya Rkell
Forsaken Empire
The Forsaken Empire
|
Posted - 2007.01.07 02:03:00 -
[66]
Edited by: Maya Rkell on 07/01/2007 02:04:37
Captcha's are close to useless these days aginst some of the newer neural algorythms.
Also, the VAST majority of the spam on the net comes from America. (In paricular, Verizon)
http://www.spamhaus.org/statistics/countries.lasso
//Maya |
smashsmash
|
Posted - 2007.01.07 02:06:00 -
[67]
that's pretty slick. i'll have to try that out sometime. i dont really have a website but i wish i did so i could try it.
Originally by: Rooker
This is a trick that I used on a web site. Have a hidden link near the top of every page (use CSS to hide it from browsers). Exclude the page in your robots.txt file so legitimate bots will leave it alone. A bot is going to ignore the CSS and hit the link looking for addresses. A real user won't ever know it's there (unless they're peeking at the HTML). Block every IP address that hits the hidden page or redirect it to a captcha.
----
Would you like some cries with your whaaamburger? |
Plutoinum
German Cyberdome Corp
Veritas Immortalis
|
Posted - 2007.01.07 02:16:00 -
[68]
Edited by: Plutoinum on 07/01/2007 02:28:10
Hmm, how about traffic shaping ?
I admit, I'm no networking expert, but since I lived with 3 other guys sometime and our ADSL upstream was quite limited, I set up a linux router with ip-tables firewall and traffic shaping.
But I don't know, how it would perform in a professional environment tbh and I'm not aware of the current state of it in the linux kernel and distributions especially how easy it is to set it up now. ( A lot of things are in the standard kernel, but if you want something special, it may not be included, like when I was fighting against the p2p stuff of my mates that disturbed my gaming experience ^^ )
Anyway, it allows you to rate-limit connections, assign different bandwith to different services, share the bandwith equally between connections or between different source or destination IPs, limit the number of simutanious connections and a lot more.
Ok, like a said, I've never used it for anything professional. I ran it on an old AMD K6 266 MHz box and used it only for 1Mbit bandwith those days. ( Currently I still use it as firewall for my DSL-16000 connection, but since I'm the only user now, I didn't bother to check out, if the traffic-shaper could handle 16Mbit down/1Mbit upstream under full-load. I doubt it.)
edit: You'll find similar stuff also for other OS'es ofc. Then it costs money, but you probably have a lot of headache to get it to work. (The typical linux-drawback: Endless possibilities, powerful, cheap, but if you want something special, you have to work yourself through a ****load of documentation )
CTD/con-loss vs. log-out. A proposal for a fix. |
Lani Yul
Caldari
Phaze-9
|
Posted - 2007.01.07 03:40:00 -
[69]
Edited by: Lani Yul on 07/01/2007 03:39:16
Just ban all the Chinese IP ranges. See here for a pretty good list of IP ranges: http://www.apnic.net/apnic-bin/ipv4-by-country.pl?country=cn
There isn't too many of them, I know I'll ban 'em all for any server I administer.
I'll even make an iptables script for you if you want to, just run it and bye-bye Chinese.
|
Angelica Hellsing
Caldari
Tears of Redemption
The SUdden Death Squad
|
Posted - 2007.01.07 05:36:00 -
[70]
Originally by: Rakeris
But a better question may be, why are they doing it? 0.o
chribbera owns all veldspar, how can asian macro-ers compete with no veld??
|
|
|
Vult
Shiva
Morsus Mihi
|
Posted - 2007.01.07 05:44:00 -
[71]
Originally by: Lots of nerdy posts
Really nerdy networking talk...
Okay, I used to think I was a nerd, but holy Jeebus...
Although, I have noticed that since I was put in charge of my uncle's online store when he opened it up, his domain started seeing a lot more unique hits than before, with hardly any orders being completed in the store... I wonder if we're getting the same thing?
---
Time to update my sig... or get it haxx0red by a mod... |
Jampack
|
Posted - 2007.01.07 06:17:00 -
[72]
Edited by: Jampack on 07/01/2007 06:19:33
Edited by: Jampack on 07/01/2007 06:18:07
Just block China in general, I'm sure one out of the 400k that want to play will come up with there own eve-files.
Plus alot of people use nortons.
Double plus, I don't think a Chinese spammer is going to stopped by making it not being able to be used if you use nortons, they can just turn it off for 5 hours and spam you still.
Your just losing users.
|
Cyrus Graham
Caldari
|
Posted - 2007.01.07 07:25:00 -
[73]
Could try making all requests for files by mail, but then we might all start getting perfume samples and magazine subscription cards cluttering our boxes.
___________________________________
Go play checkers if you want a game where everything's fair and equal. |
Hurricane Wind
|
Posted - 2007.05.22 11:10:00 -
[74]
My twin brother and I find this extremely unreasonable. The first reason is that we are Chinese ourselves and we live in China. Many posts here are racist and it makes us non-spamming Chinese EVE players feel harrassed and insulted. Secondly, one of our dreams on EVE is to be a guardian of EVE by becoming a powerful anti-pirate so we can protects all the poor new as well as experienced players traveling out there. We wanted to make many videos and post them on EVE-files to show the world the result of piracy. Before China was banned from your site, we enjoyed downloading various EVE videos and gaining experience at PvP while watching them. Thirdly, English is our primary language. We don't know how to read and write much Chinese. We will have much trouble if we were to post our videos on a Chinese website. Even if we succeed, only a small fraction of EVE players will have access to the videos.
Please don't crush our dreams and hopes.
Thank you for your concern into taking consideration of what we have said. |
w0rmy
M. Corp
M. PIRE
|
Posted - 2007.05.22 11:14:00 -
[75]
Originally by: Chribba
The 8,500 connections today was from 10-12 different, I have about 250 Chinese spam IP's blocked, they reside in huge IP-ranges among normal DSL customers, so I block them now and in 2 hours they've switched IP's and come back. So the only way for me to block them would be to block the entire subnets, we're talking multiple B-range networks here.
For example, one network would be 222.16.0.0-222.95.255.255, that's 5,136,975 IP's on that range. Then add a few more of those and I've blocked a larger part of China.
Block by CIDR rather than class.
Originally by: CCP Oveur
I'm very sorry w0rmy, I beg your forgiveness.
|
ry ry
StateCorp
|
Posted - 2007.05.22 11:18:00 -
[76]
Edited by: ry ry on 22/05/2007 11:16:44
Originally by: smashsmash
that's pretty slick. i'll have to try that out sometime. i dont really have a website but i wish i did so i could try it.
Originally by: Rooker
This is a trick that I used on a web site. Have a hidden link near the top of every page (use CSS to hide it from browsers). Exclude the page in your robots.txt file so legitimate bots will leave it alone. A bot is going to ignore the CSS and hit the link looking for addresses. A real user won't ever know it's there (unless they're peeking at the HTML). Block every IP address that hits the hidden page or redirect it to a captcha.
i think that would cause problems for people using prefetching software/addons that just parse the pagesource, rather than interpreting it.
Then again, people that use the damn things probably deserve everything they get.
|
Mortecai
Galactic Shipyards Inc
HUZZAH FEDERATION
|
Posted - 2007.05.22 11:21:00 -
[77]
Sounds like a loosing battle here.
If it is not much work for you, add a confirmation box where you type in few letters and numbers. And that box will be used on files over 1mb or whatever you deem is best.
And make it an optional feature that you can turn on when you notice bots messing about.
|
Nicholas Barker
MASS
|
Posted - 2007.05.22 11:28:00 -
[78]
Originally by: Chribba
I've noticed that they keep sending "Weferer" headers rather than "Referer" ones.
/c
I'm so wonwy! so wonwy! so wowny and sadwy awone!
---
|
|
Chribba
Otherworld Enterprises
Otherworld Empire
|
Posted - 2007.05.22 11:51:00 -
[79]
lols at old topic.
FYI I tend to block and unblock China depending on load and as I've just now only heard two complaints it seem to work out pretty good - and thus I will continue as I have for the past few months -> blocking just about all Chinese IP's when the load gets high and then unblock when they calm down.
/c
Help me help you. |
|
ArchenTheGreat
Caldari
D00M.
Triumvirate.
|
Posted - 2007.05.22 11:55:00 -
[80]
Just require logging before downloading large files. Than you can limit downloads on per account basis. If you see someone logs in and downloads thousands of files just ban him.
|
|
|
Static Mod
|
Posted - 2007.05.22 12:05:00 -
[81]
Originally by: Chribba
lols at old topic.
FYI I tend to block and unblock China depending on load and as I've just now only heard two complaints it seem to work out pretty good - and thus I will continue as I have for the past few months -> blocking just about all Chinese IP's when the load gets high and then unblock when they calm down.
/c
Why not just block all the Chinese forever.... Really it makes perfect sense.. =)
|
MasterDecoy
Gallente
Raddick Explorations
Executive Outcomes
|
Posted - 2007.05.22 12:45:00 -
[82]
ok, well, that explains a few things.
for the past 2-3 months, eve-files has been a hit-and-miss for me. seems odd since i only have about a dozen sigs and a small video... sometimes i get the message that i am "banned", and sometimes it works fine.
yeah, i live in beijing.
Originally by: Ultim8Evil
Block China 4tw.
If they can get their own special EVE server, they can damn well get their own EVE-Files site.
Originally by: SasRipper
Just block china
Is there really that many chinse legimate users?
They have there own sever let them get there own eve-files if they are going to abuse yours.
well, apparently, there is. im canadian, not chinese. strangely, i've been living here so long, i might as well be (and no, i don't sell isk!). im one of those people living in a foreign country, making a living and playing eve.
yeah, it sucks. though i understand why it has to be done. and it'd be nice to read the forums without comments like these ^ plus the usual "isk farmers!" riff-raff...
bottom-line is, it sucks that i won't have access to eve-files anymore since it was (heh, still is) a great site. hope a solution will come up eventually.
at least the bots have taste
http://dl.eve-files.com/media/corp/OTHER/china_abuse.png
loxy seems popular...
|
Ask Unbeatable
Gallente
HighTech Marines Ltd.
FREGE Alliance
|
Posted - 2007.05.22 13:04:00 -
[83]
Originally by: Dark Kavar
I use norton anti-virus, but I guess I can live without eve-files
Not possible!
And Chribba, I know you can fix everything with some of your amazing magic tricks. Good luck
|
Dominique Vasilkovsky
Techmart Industries
|
Posted - 2007.05.22 13:27:00 -
[84]
A simple solution for all legitimite users in China would be to use proxy servers based in a different country (if possible). Then they will be able to reach EVE-Files regardless if all of China is blocked or not.
Signature approved by Eldo |
Vechloran
|
Posted - 2007.05.22 13:38:00 -
[85]
As one of the EVE players in China (Nanjing, great city, freaking HOT, which is great if you like the pretty women :) ) I have never seen anything but "banned" from eve files, and this is even during the US's downtime.
It doesn't bother me though, I have a proxy setup back in the States to get around things like this. But I would like to support Chirriba, no one wants bots getting our emails, I already get enough stupid spam in QQ.
|
Futuris
Minmatar
Nano Ltd
|
Posted - 2007.05.22 13:42:00 -
[86]
Chribba, I've noticed that you don't have a robots.txt file, most bots follow the directions in it as otherwise they might end up downloading infinite/recursive dynamic pages. See http://www.robotstxt.org/ for more info about it.
http://dl.eve-files.com/robots.txt should contain
User-agent: *
Disallow: /
|
Sieges
|
Posted - 2007.05.22 13:58:00 -
[87]
Originally by: Kahor
Originally by: Dark Kavar
I use norton anti-virus, but I guess I can live without eve-files
Make yourself a favor, and use avast antivirus.
Friendly advice.
Agreed. AVAST is so much better than Norton - and it is free.
Sorry to hear about the China abuse bots Chribba
-----------
We need a way to Repackage and Transport Rigged Ships. |
Larshus Magrus
Elite Storm Enterprises
Storm Armada
|
Posted - 2007.05.22 14:32:00 -
[88]
Blocking/unblocking works but impacts legitimate chinese customers (although admittedly these are rare creatures)
Why don't you just use connection tracking with rate limiting for these Ip blocks? Its trivial enough in linux to do and uses very few resources. We use this along with greylisting/whitelisting/blacklisting to automagically curb the gazillions of connections originating from china at our corporate web site while having 0 impact on our other customers.
I'm sure it can be done (although a bit pricier) in Cisco hardware... if you are running windows, well, I think you might be out of luck.
|
DubanFP
Caldari
Four Rings
D-L
|
Posted - 2007.05.22 14:42:00 -
[89]
Edited by: DubanFP on 22/05/2007 14:40:14
why don't you ask a simple question, like show a picture of a raven and ask "which ship is this?", if they get it correct they can download the movie, if not then they're probebly automated.
____________
DubanFP > where ever there is a player that's getting too rich, wherever there's an industrial with too much loot, wherever there is a noob with too much smack we'll be there... |
Mandi Mon
|
Posted - 2007.05.22 14:53:00 -
[90]
Add a captcha?
|
|
|
Jintoi
|
Posted - 2007.05.22 14:54:00 -
[91]
Everyone should just block China tbh.
|
Thesas
Gallente
Center for Advanced Studies
|
Posted - 2007.05.22 14:58:00 -
[92]
Much of the spam coming out of China does not originate there, but rather in the US.
The same is true for Russia.
What you are describing is more a dos attack than a spamming scenario.
You can mask emails thru scripting.
Why not require login to download files?
Allow no public downloads.
|
Janu Hull
Caldari
Order of Z Industries
|
Posted - 2007.05.22 15:18:00 -
[93]
Originally by: Turix
Maybe input some kind of alphanumerical verification on larger files or certain ip ranges - im sure some people wouldnt mind putting 4 random no/letters in if it helps fix the server.
Those systems are being sidestepped. Already obsolete.
This is my sig, there are many others just like it. With me, my sig is worthless. Without (or with even) my sig, I am worthless... |
Janu Hull
Caldari
Order of Z Industries
|
Posted - 2007.05.22 15:20:00 -
[94]
Originally by: voogru
Originally by: Boo Koo
just have a new banner made for the site with links to anti Chinise goverment information... you will find in days that they will block access to the site for you
Just put a bunch of keywords.
Starting with democracy, human rights, and justice.
FALUN GONG FOREVER!
With those three words, I expect this website to be blocked to Chinese access within an hour of this post being made.
This is my sig, there are many others just like it. With me, my sig is worthless. Without (or with even) my sig, I am worthless... |
Dr Shameless
Skull Soft
Valainaloce
|
Posted - 2007.05.22 15:33:00 -
[95]
maybe make it all torrents ?
|
Gaelron
War Inc.
|
Posted - 2007.05.22 16:48:00 -
[96]
I run a guild website for WoW and have the same problems...So we blocked china and contacted jpac (i think it is which handles IP's for the west asian area)
So now the spammers just use spoofed IP's from latin america and albania.
It sucks, I dont know why we still allow China on the internet.
|
Xrak
Black Eclipse Corp
Band of Brothers
|
Posted - 2007.05.22 16:53:00 -
[97]
We are at war.
Cyberwar.
Sig stolen from Tekka. Evemail him for details about free sigs. <3 |
voogru
Gallente
Massive Damage
|
Posted - 2007.05.22 17:27:00 -
[98]
Originally by: Hurricane Wind
My twin brother and I find this extremely unreasonable. The first reason is that we are Chinese ourselves and we live in China. Many posts here are racist and it makes us non-spamming Chinese EVE players feel harrassed and insulted. Secondly, one of our dreams on EVE is to be a guardian of EVE by becoming a powerful anti-pirate so we can protects all the poor new as well as experienced players traveling out there. We wanted to make many videos and post them on EVE-files to show the world the result of piracy. Before China was banned from your site, we enjoyed downloading various EVE videos and gaining experience at PvP while watching them. Thirdly, English is our primary language. We don't know how to read and write much Chinese. We will have much trouble if we were to post our videos on a Chinese website. Even if we succeed, only a small fraction of EVE players will have access to the videos.
Please don't crush our dreams and hopes.
Thank you for your concern into taking consideration of what we have said.
It is unfortanate that legitimate Chinese players are the very, very, very small minority.
I am not anti-Chinese, but I am:
1. Pro Security
2. Against the abuse of free services.
3. Against the use of RMT in EVE-Online
Which is something, that 99.9% of Chinese players abuse. They abuse trial accounts on TQ to spam us, they farm resources to make a quick buck at the expense of our game.
Yes, other countries do it too. But the majority of them are guess what, Chinese.
|
Synseer
Minmatar
North Face Force
Anarchy Empire
|
Posted - 2007.05.22 17:31:00 -
[99]
However it works out, we love you Chribba!
|
Conmen
CRICE Corporation
Vigilance Infinitas
|
Posted - 2007.05.22 17:55:00 -
[100]
they are from china just block them |
|
|
Victor Valka
Caldari
Archon Industries
|
Posted - 2007.05.23 06:51:00 -
[101]
Originally by: Imperius Blackheart
Suggestion, a lot of other file sharing sites have a image generated with numbers/letters which you have to type in to recieve the file for download. The image cannot be read by bots so they can't get past that point.
How about adding that to downloading any file with a video extention, its a small hinderance for real people, and stops bots dead in their tracks and doesn't go about excluding countrys :)
It's called CAPTCHA and modern bots are quite capable of reading them within an acceptable margin of error.
|
Loyal Servant
Caldari
The Short Bus Squad
The SUdden Death Squad
|
Posted - 2007.05.24 16:49:00 -
[102]
Edited by: Loyal Servant on 24/05/2007 16:48:54
I run several small networks for small/medium sized companies.
I block any and all traffic from China.
For Linux, see http://www.okean.com/antispam/sinokorea.html
Linkage
When the Chinese realize that the world does not want to talk to them, they will do something about the criminals in their country.
Edit: tard attack and forgot to add a link..
TSBS - Eve's Premier podding service!
|
Buyerr
|
Posted - 2007.05.24 17:15:00 -
[103]
Originally by: Rakeris
I say just block the IP range. :p
But a better question may be, why are they doing it? 0.o
gues two times pinky ;)
just block them.
|
Buyerr
|
Posted - 2007.05.24 17:19:00 -
[104]
Originally by: Gaelron
I run a guild website for WoW and have the same problems...So we blocked china and contacted jpac (i think it is which handles IP's for the west asian area)
So now the spammers just use spoofed IP's from latin america and albania.
It sucks, I dont know why we still allow China on the internet.
some people just cant figure out how NOT to *****a good idea untill some one slap them so hard that they are still spinning when they lay in there graves.
my suggestion SLAP THEM! every one know that every one learns from is consequence
|
Boonaki
Caldari
Suffoco Noctis
Ethereal Dawn
|
Posted - 2007.05.24 19:10:00 -
[105]
Asia subnets
Add a deny before this list, reduce your problems by 90%
Fear the Ibis of doom!
113 |
Earthan
Gallente
The Absolutely Amazing Fire Eaters
Breidablik
|
Posted - 2007.05.24 19:50:00 -
[106]
Originally by: Rooker
This is a trick that I used on a web site. Have a hidden link near the top of every page (use CSS to hide it from browsers). Exclude the page in your robots.txt file so legitimate bots will leave it alone. A bot is going to ignore the CSS and hit the link looking for addresses. A real user won't ever know it's there (unless they're peeking at the HTML). Block every IP address that hits the hidden page or redirect it to a captcha.
ha ha ha networking isnt my stuff but this really sound smart:) nice one
-
Killing Eve bullies all over the galaxy
|
Leonardo Sabrioski
Caldari
Leviathan Enterprises
|
Posted - 2007.05.24 20:00:00 -
[107]
block china. (Period)
----------------------------------------------
|
Damon Ra
Caldari
|
Posted - 2007.05.24 20:06:00 -
[108]
Originally by: Leonardo Sabrioski
block china. (Period)
That's exactly what we do at work, and viola, no more bots and a lot less spam too. DOS attacks and hacking attempts have fallen to nearly zero as well.
If you need to allow people from that area access to your site, this is obviously not the greatest solution, but since we do not, it works quite well indeed.
|
ry ry
StateCorp
|
Posted - 2007.05.25 13:22:00 -
[109]
I know 1 in 5 people is chinese, but i didn't think it was me.
For the record, i'm not a spider.
|
Duck Andcover
Don't be Alarmed
|
Posted - 2007.05.25 13:43:00 -
[110]
Edited by: Duck Andcover on 25/05/2007 13:51:01
Edited by: Duck Andcover on 25/05/2007 13:43:01
Originally by: ry ry
I know 1 in 5 people is chinese, but i didn't think it was me.
For the record, i'm not a spider.
Omg, Ry ry is a chinese spider! 
Edit: Edited for spidery goodness
|
|
|
Ethaet
|
Posted - 2007.05.25 15:03:00 -
[111]
Edited by: Ethaet on 25/05/2007 15:03:12
lol ry ry, it thinks you are a bot :P
|
ry ry
StateCorp
|
Posted - 2007.05.25 15:18:00 -
[112]
CLICK HERE FOR THE CHEAPEST VIAGRA ON THE NET!
|
|
|
| |
|
| Pages: 1 2 3 4 :: [one page] |