Un spammer dement si botnetul sau

Sunday, 01 January, Year 4 d.Tr. | Author: Mircea Popescu

Deci spicuim din loguri :

[Sun Jan 01 12:11:19 2012] [error] [client 208.107.186.72] client denied by server configuration: /home/polimedi/public_html/trilema/2011

De cite ori ? De 49 de ori, de la 12:06:43 la 12:11:19. Vine de zece ori pe minut sau ceva. Ca lui ii tre' neaparat lista pe 2011, ce pula, poate ca de la la 40 la a 41-a incercare cu 403 in cinci minute mi-am schimbat parerea pe tema sau ceva. Nu se stie niciodata.

Da' mai am si alte elemente :

[Sun Jan 01 12:15:13 2012] [error] [client 208.92.218.66] client denied by server configuration: /home/polimedi/public_html/trilema/feed
[Sun Jan 01 12:15:13 2012] [error] [client 208.92.218.66] client denied by server configuration: /home/polimedi/public_html/trilema/feed
[Sun Jan 01 12:15:13 2012] [error] [client 208.92.218.66] client denied by server configuration: /home/polimedi/public_html/trilema/feed
[Sun Jan 01 12:15:13 2012] [error] [client 208.92.218.66] client denied by server configuration: /home/polimedi/public_html/trilema/feed

[Sun Jan 01 12:14:41 2012] [error] [client 187.73.64.230] client denied by server configuration: /home/polimedi/public_html/trilema/2010
[Sun Jan 01 12:14:40 2012] [error] [client 75.101.198.208] client denied by server configuration: /home/polimedi/public_html/trilema/2010

Si respectiv, cea mai draguta,

178.33.158.181 - - [01/Jan/2012:12:30:51 -0500] "GET /trilema/2011/gindirea-creativa/ HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10"

200.31.160.84 - - [01/Jan/2012:12:30:52 -0500] "GET /trilema/2011/gindirea-creativa/ HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10"

Deci bun ? Ca asa s-a nimerit, un tip din El Salvador care apare-n stopforumspam.com si cu un tip din Franta care-i cunoscut pentru wiki spam cu medicale s-au nimerit ei pur si simplu sa foloseasca Windows NT 5.1; en-US; rv:1.9.0.10 amindoi. Ce, se poate intimpla, care-i problema ? Multi francezi is pe en-US si inca si mai multi salvadorezi au rv:1.9.0.10. A, si ambii-s pe Gecko/2009042316 Firefox/3.0.10. Problem ?

Si uite asa am eu 300 de itemi in errorlog de la ora 12 la ora 15, deci cite 100 pe ora. Da' asta nu-i nimic : douaji de spamuri in patru ore. Tineti cont ca io am mega-ultra-extra antispamu' facut de mina mea, asa ca poate ajung comentarii ceva intre 0,1% si 0,0% din ce incearca dujmanii sa bage. Pe scurt, in alea patru ore cineva mi-a trimis minim cinci mii de mesajele pulii.

Care ce sens au ele exact ? Link catre facebook si google, emailuri cu toate aparentele de valabilitate posibile (vedeti ca nu exista @yahoo, ca nu-s romani prosti nici spamerii astia, sa-si faca bloguri pe blogspot cu contu' de yahoo meil si sa moara cu ele-n brate), niste text acolo facut sa treaca de filtre bayesiene (admirati erorile de scriere, este ca-i induiosator ?). La ce bun ?!

Adica, in afara de cazu' ca un muist oarecare se crede smecher si simte el neaparat nevoia sa-si expuna botnetu' fata de mine, nu prea vad concret ce utilitate are operatiunea. Serveru' de cazut nu cade, rahaturile alea de intrat nu intra, ce rost are exact sa fii primu' care atinge o suta de mii de cereri in 2012 ? Ca nu ma prind.

Da-n tot cazul, la caz ca-i curios careva :

217.78.18.96; 62.84.79.137; 218.228.242.114; 91.226.165.164; 93.66.13.231; 178.215.87.24; 81.200.253.10; 58.83.224.217; 85.92.159.84; 189.8.13.26; 189.90.132.194; 201.75.107.200; 84.40.77.159; 24.106.177.68; 188.190.41.21; 95.135.77.245; 31.36.152.104; 203.126.223.124; 193.27.47.253; 86.96.226.23; 220.113.9.168; 141.138.201.77; 89.96.196.150; 187.73.64.230; 91.210.104.30; 61.54.26.44; 203.158.29.55; 201.12.155.80; 67.221.123.38; 89.178.23.42; 190.116.18.198; 189.22.131.130; 218.211.38.243; 182.50.64.85; 75.101.198.208; 109.234.207.55; 200.176.13.214; 50.57.134.15; 130.255.230.119; 38.115.17.123; 220.150.103.65; 150.254.171.134; 85.89.187.156; 142.22.16.51; 50.16.220.94; 176.34.251.144; 110.164.3.181; 50.7.233.18; 88.191.77.92; 188.138.112.118; 141.138.201.77; 60.251.239.251; 163.30.162.1; 211.151.35.100; 93.181.161.198; 95.69.223.146; 178.33.158.181; 200.246.158.1; 187.33.4.135; 175.158.22.76; 87.98.177.156; 203.112.128.200; 175.139.169.245; 190.202.87.134; 200.31.160.84; 119.93.229.211; 178.77.186.165; 84.228.192.224; 180.1.132.106; 201.96.17.81; 173.198.57.253; 204.93.211.219; 83.136.245.210; 93.160.110.98; 201.245.192.254; 173.198.57.253; 58.218.172.194; 173.243.240.186; 200.31.160.84; 200.214.52.34; 64.23.67.94; 209.118.181.20; 177.11.24.2; 188.242.89.90; 94.46.217.70; 223.27.81.195; 178.79.148.81; 122.0.66.102; 188.227.183.163; 178.63.26.42; 67.221.226.126; 91.210.104.31; 188.227.177.2; 125.89.161.189; 118.39.135.5; 110.164.3.182; 188.227.177.2; 62.233.42.7; 178.73.221.135; 88.190.242.82

Asta asa, din ultima ora. Deci totusi, care-i sparla ? Ce rost are trebusoara asta ?

Category: Meta psihoza
Comments feed : RSS 2.0. Leave your own comment below, or send a trackback.

5 Responses

  1. E nitica foame la bing, yahoo si facebook pentru ca raman fara clienti, fara de google, google mail si google plus.

  2. Mircea Popescu`s avatar
    2
    Mircea Popescu 
    Monday, 2 January 2012

    Meri ma, nici intr-un caz nu ie aia.

  3. Pagerank ceva, plm. Deci chiar nu inteleg nici eu de ce cineva plateste robotei sa lase link cu facebook sau yahoo.

  4. Mircea Popescu`s avatar
    4
    Mircea Popescu 
    Monday, 2 January 2012

    Alea-s link-uri neutre ca sa verifice ca functioneaza procesul.

  5. Da, urma sa zic asta, dar taiasem textul de-l tastasem sub ce am zis mai sus. Ca nu-l vedeam coerent si nu mai tineam minte daca ground testing ie ce vroiam eu sa insemne.

Add your cents! »
    If this is your first comment, it will wait to be approved. This usually takes a few hours. Subsequent comments are not delayed.