Archived material Access restricted Article
Rantburg

Today's Front Page   View All of Thu 03/11/2021 View Wed 03/10/2021 View Tue 03/09/2021 View Mon 03/08/2021 View Sun 03/07/2021 View Sat 03/06/2021 View Fri 03/05/2021
1
2021-03-11 Cyber
When you know something you posted might have upset China.
Archived material is restricted to Rantburg regulars and members. If you need access email fred.pruitt=at=gmail.com with your nick to be added to the members list. There is no charge to join Rantburg as a member.
Posted by NN2N1 2021-03-11 04:59|| || Front Page|| [17 views ]  Top
 File under: Commies 

#1 Im pleading stupid here, are you saying Rantburg has had those Denial of Service attacks by China, or am I missing something?
Posted by NoMoreBS 2021-03-11 11:24||   2021-03-11 11:24|| Front Page Top

#2 That was my site (NN2N1) on typical week...
Then several storms on 1 day this week.


I am sure Rantburg is a much bigger and more frequent target.
Posted by NN2N1 2021-03-11 11:37||   2021-03-11 11:37|| Front Page Top

#3 Got it, and thanks, drawing their ire is always a sure sign of doing something right!
Posted by NoMoreBS 2021-03-11 11:51||   2021-03-11 11:51|| Front Page Top

#4 When I was a web master I used to see this kind of thing all the time in my logs. I found that there are web sites where you can plug in an IP address and find information about it. According to DBIP IP geolocation API
and database web site: 221.8.65.18 or 18.65.8.221.adsl-pool.jlccptt.net.cn is an IPv4 address owned by CNC Group CHINA169 Jilin Province Network and located in Haidian (Haidian Qu), China.

I developed a PERL script that would place such IP addresses into an IPTABLES database so they would be denied any further access to my server. The script had a little database of its own that included the kind of queries that would come from places like China. Whenever there was a "404 Not Found" error the script would be triggered and search for a match between the 404 query and the database. When a match was found, the offending IP address would be automatically added to the IPTABLES database. Eventually I found that I could enter a range of IP addresses into IPTABLES and block entire nations from access to my server. If I could do that, the government could certainly erect a fire wall that would block all internet traffic from countries like China. The fact that our government allows this criminal activity to continue is a dereliction of duty to say the least. Of course, well all know why they don't.
Posted by Abu Uluque 2021-03-11 12:59||   2021-03-11 12:59|| Front Page Top

#5 
Abu Uluque:
Is your script PD or shareware?

Posted by NN2N1 2021-03-11 13:31||   2021-03-11 13:31|| Front Page Top

#6 I never saved a copy of the script for myself. I left it on the server when I retired. It wasn't terribly difficult to do though. I kind of did it in my spare time at work. If you know PERL and you're familiar with Apache web server software running on LINUX it should be easy to duplicate. The apache config file allows you to designate a cgi-bin executable to handle 404 errors. In my script, I would check the 404 query by looping through an array of character stings like "php". I didn't have php on my server because I knew it was notorious for vulnerabilities so if somebody was looking for php on my server I figured they were prodding for vulnerabilities they could exploit to hack my server. There were all kinds of strings like that and when I found them I put the IP addresses into IPTABLES so they would be automatically and immediately denied any further access to the server. They didn't even get the 404 error message. It was fairly effective. It sure cleaned up my log files. I only got one or two complaints from people who were legitimate being denied access and that was because their Microsoft Internet Explorer browser was looking for FrontPage. I figured they deserved it just for using such a crippled browser.
Posted by Abu Uluque 2021-03-11 14:48||   2021-03-11 14:48|| Front Page Top

23:46 trailing wife
23:45 Solomon Julet4166
23:30 Punky Cholutch1770
23:16 Punky Cholutch1770
23:15 Punky Cholutch1770
21:53 Arithmetic Owenkimchi9873
21:48 Anyone Hypothermic8356
21:31 Pancho Mussolini4855
21:28 Ebbaiting Elmeck2571
21:24 Threreper Schwarzeneggar6629
21:18 Victor Emmanuel Uneretch3731
21:01 Injun Chomomble7936
20:53 Injun Chomomble7936
20:35 Procopius2k
20:33 Injun Chomomble7936
20:08 jpal
20:07 Rambler in Virginia
19:42 Clem
19:39 Clem
19:33 swksvolFF
19:31 Airandee
19:29 Airandee
19:26 jpal
19:06 Injun Chomomble7936









Paypal:
Google
Search WWW Search rantburg.com