Forgot your password?
typodupeerror
User Journal

FortKnox's Journal: Crapflooding 18

Journal by FortKnox
Looks like everyone that has a personal site with blogging/comments is getting crapflooded.

Hopefully you all thought ahead to add in banning ability. Feel free to use the comments in this JE to put in the IPs of all the offenders so everyone else can do an 'ahead' banning.

Sure, they'll use all kinda tools like redirecting pages and such, but there is always a finite number of places they can hit you from. Hopefully, we'll get a full list of IPs here within a couple days for everyone to ban.
This discussion has been archived. No new comments can be posted.

Crapflooding

Comments Filter:
  • Here's my ban list. These are the only people I have IP banned, and it's from last night:

    216.157.225.36
    69.0.231.132
    24.221.113.243
    21 1.75.231.21
    213.106.152.192
    203.169.250.28
    213. 208.67.82
    • more ip's. Brain is a little fried, so I'm not going to do the sed magic on it myself. I'm sure there are repeats.

      216.157.225.36 2004.01.05 69.0.231.132 2004.01.05
      24.221.113.243 2004.01.05 211.75.231.21 2004.01.05
      213.106.152.192 2004.01.05 211.75.231.21 2004.01.05
      203.169.250.28 2004.01.05 213.208.67.82 2004.01.05
      132.231.132.55 2004.01.06 211.248.240.211 2004.01.06
      212.41.244.254 2004.01.06 211.250.153.252 2004.01.06
      200.184.43.67 2
  • 127.0.0.1
    255.255.255.255
    0.0.0.5
    10.0.1.1
    172 .16.0.2 (I hate this guy!)
    192.168.1.0
  • If you're using MT, you can use a different comment engine... a certain fluffy porcupine has managed to use phpBB as the comments engine. This makes it much more difficult to script a crapflood (and has more robust banning and authentication features to boot!).

    How to integrate phpBB and MT [trikuare.cx]

  • all the ips are probably compromised machines. anyone with a mind for scripted flooding will know how to search for more.

    but here's the list of ips that flooded me [slashdot.org]:
    12.3.56.2
    24.174.81.26
    24.221.113.243
    64.1 75.137.61
    200.13.230.243
    200.161.10.82
    217.37.1 66.65

    I sent a complaint to each of the responsible ISPs and the IFCC [ifccfbi.gov].
  • The news is all a buzz right now about some possible terrorist maybe being onboard a flight going to Cincy (well, if it is the same as when I was there I guess Covington, KY, just across the river).
    • ummm... links?!?

      I haven't heard that at all, but I'm in the middle of downtown cincy right now.... (airport is SW of town in KY as you said).
      • nevermind.... yeah, its all over the place now...

        Fighter pilot escourted, 14 possible terrorists onboard, being landed away from the terminal from Paris.... spooky stuff.
  • CloseComments, available from the mt-plugins.org webside, can be used to stop commenting to all non-recent articles.

    Also, this page [burningbird.net] describes a modification to the mt-comments.cgi script to prevent automated attacks from succeeding.

    MT.
    • To automate CloseComments, I first bookmarked it. Then I told Mozilla to check it for updates (or make available offline?) at midnight each night. That should load the page, and take the desired action.
    • That method is a band-aid on a cracked dam. It would take a matter of a few minutes for a troll to examine your page's source, grab all the hidden fields and put 'em in the URL.
  • Nobody has messed with blackneto.com
    but then again, I don't really do anything there.

The sooner you fall behind, the more time you have to catch up.

Working...