The Core Dump

A strong conviction that something must be done is the parent of many bad measures

[By Nic Lindh on Saturday, 22 January 2005]

The assault continues

The zombie assault on this domain continues unabated. We’ve managed to staunch the bleeding with some draconian firewall rules–going to have to revisit those rules later on and start letting huge chunks of the Internet back in.

Did I ever mention that it really, really sucks to have to waste time and effort on this crap? I did? Good. Because it very much does.

The vast majority of the spam comes in this form:

thecoredump.org 24.42.40.x - - [21/Jan/2005:15:49:32 -0700] “GET http://www.search1search.net/index.php?uid=968&REQ=Debt HTTP/1.1” 200 13814 “http://free.7host06.com/alangef/NetMoney/search1search.html” “Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3) Gecko/20030313”

with various IPs, user agents, and requests to sundry perverted sites. So in order to at least not let the crap get through to other sites, we added this to the local .htaccess file:

RewriteCond %{THE_REQUEST} ^(GET HEAD POST)\ /?http:// [NC]RewriteRule .* - [F]

After this, all incoming requests to fully qualified URLs (i.e., they start with http:// are forbidden. If nothing else, it makes Apache have to work much less hard, and hopefully it will keep this domain off other people’s blacklists. It also doesn’t seem to affect the functionality of the site, but please let me know if something’s broken now.

Incidentally, I am now 100% in favor of the death penalty for the assholes who perpetrate this kind of crap.

UPDATE: Changing the .htaccess file seems to have done the trick. Some of the zombies aren’t giving up, but the load is currently hovering around two requests per second. The machine is no longer spawning a new httpd daemon for each request, so memory and CPU are no longer scarce resources.

Turned off all the firewall rules as well, which made me feel like less of an angry fascist.

Soundtrack: “Long Way From Home” by Fatboy Slim itunes

« "The blinking lights are killing me"

 »


Enjoy the ten latest posts!

Book roundup, part 27

Includes Hollywood Dead, Tales from the Loop, Things from the Flood, The Court of Broken Knives, and Port of Shadows.

To see what is in front of one’s nose needs a constant struggle

“Cancel everything. You’re going into emergency surgery today”

Nic has a retinal tear and has his vision is saved by a laser.

Book roundup, part 26

Includes The Storm Before the Storm, White Trash, Calypso, Tell the Machine Goodnight, Prince of Fools, and Provenance.

Renewing the nerd card: Installing Ubiquiti UniFi in the house

The Internet tells Nic to install Ubiquiti gear in his house, so he does, and now he has thoughts.

The greater the ignorance the greater the dogmatism

Working in the pod mines

What I wish I’d known when I started podcasting.

It is impossible for a person to begin to learn what he already thinks he knows

Smell the Foam Finger

Nic starts a new podcast about—gasp!—American sports.

Book roundup, part 25

Mostly excellent non-fiction in this installment. Includes Fantasyland, The Miracle of Dunkirk, Das Reich, The Undoing Project, Waiting for the Punch, Vacationland and Points of Impact.