This is just one of many reasons I went on hiatus. This just popped up in the email box:
Some butthead in Romania.
Something like this is usually going on when comments get hinky - the difference is this one was an attempt to insert malware, not just flood with comment spam. And things like this are why comments with links get held, else malware and other things get in.
I'm getting to the point where I'm ready to support summary executions for hackers and identity thieves. The value they suck out of the economy and life in general is worthy of capital punishment.
Yeah, I'm still in a grumpy mood. Oh, and quit sending me the emails you're sending Bill.
A visitor to your blog Argghhh! The Home Of Two Of Jonah's Military Guys.. has automatically been banned by adding more than the allowed number of comments in the last 200 seconds.
This has been done to prevent a malicious script from overwhelming your weblog with comments. The banned IP address is
86.126.103.237
If this was a mistake, you can unblock the IP address and allow the visitor to add it again by logging in to your Movable Type installation, going to Blog Config - IP Banning, and deleting the IP address 86.126.103.237 from the list of banned addresses.
Some butthead in Romania.
Something like this is usually going on when comments get hinky - the difference is this one was an attempt to insert malware, not just flood with comment spam. And things like this are why comments with links get held, else malware and other things get in.
I'm getting to the point where I'm ready to support summary executions for hackers and identity thieves. The value they suck out of the economy and life in general is worthy of capital punishment.
Yeah, I'm still in a grumpy mood. Oh, and quit sending me the emails you're sending Bill.
Hey, Boq -- didn't I tell ya that if we got inane enough, he'd jump back in?
Crayon diet. Works every time. It forces you to crave something pointed! Or keyboarded...
Got the peanut brittle done (sorry, Bill, none for you this time). Pecan Pralines on the agenda for this weekend... Then, of course, I'll have the stuff for homemade gelato, too. Might that help cheer you up?
Unless they have been involved in running a site, most people do not realize the amount of work invovled with the ongoing struggle against spammers and hackers. Anything that allows comments or "forum" type posts from the masses is especially vulnerable and troublesome.
In addition to the deluge of ads for v!@gra and the like, a lot of it is pron spam, often with rather vile graphics, or just annoying people who have a site remotely related to your subject matter and wanting you to link to them. Even deleting these takes time (and sometimes advanced geek magic) that diminishes the "fun" part of running a site and enjoying the interaction with your friends, or even the loyal opposition.
Given the illogical nature of some of the spam, some likely represents hacking attempts, or training exercises, or 'noise" generated to cover malicious actions by major criminal enterprises (other than the U.S. government) and likely even the Chinese military probing internet security and inserting malware for eventual cyber war.
Regardless of the origin, motivation or content, all that crap just sucks the fun out of running some sites. And, this aspect is hidden from the visitors, but gnaws at the proprietors.
So, I certainly understand our host's apathy and lethargy at this point. And, I look forward to him returning reinvigorated when he feels like it, or alternately, more great posts from the others with the keys to the Castle. You're still my first top on my morning surf.
Now I get it!
Does this mean I have to send back the tank?
*mutters*
And it had such great turret control, too....
Both of us being men of overlarge size, the spammers should not survive long.
As long as I can keep what the Russians sent, though, I won't tell John's Romanians. They'll ask for his size...
Hey John...how's the goat with the bum leg? He mending OK?
Oh...and Romanians have nothing to do with Rome. We was Romans.
Just post their heads on digital pikes...
I noticed in my logs an IP address in South Korea insistantly trying to log in as root, and billy, and bob, and billy bob (well you get the idea), etc. I ran down the IP in ARIN, pointed at KRNIC, and low and behold.... Its a South Korean Elementry School. I hopped onto another subnet, and ran a quick NMAP -sS, and see port 12345 open....hmmm.... Maybe sub-7 trojan loaded on it, so I fire up a sub7 client I just happen to have handy, and sure enough up pops a shell. A quick netstat shows somebody is also connected to it from a Rominain IP.
Flash forward a few weeks, and I was at conference with an AsstDir DHS cyber dude, long story short I asked about what the US Gov was doing about this attack, and got 5 minutes of "NO ANSWER"...
I sit down for lunch, and a FBI agent, and Local LE officer basically tell me there hands are tied, but since I was outside, I could " act unilaterly" (or something close).
YEAH.... I had scene that movie... so I do not do anything behind start blocking 300 Millions IP addresses with an ACL...
Last summer I was at McDill, and a recently retired Dept of Justice prosecuter spoke, and this scenerio came up..... The answer was it was "unlikely" the US goverment would extradite, but they would proscute if someone "hit back"......
Bottomline, we are at war, A USAF Officer at the same conf said as much in his opening remarks but we cannot even admit the name of the country attacking. The obscure the offender with acryomys like APT.....
At least thats what my "friend" says
Jerry
Go figure.
I really have to get back in to the blog of things
Michael Z. Williamson has mentioned using nerve agents on spammers in one of his novels, and the sympathetic characters in the book unanimously approved.
These days there are all sorts of plugins so you can use your Facebook or Google account just so's you don't have to track a zillion accounts.
Cheers