[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Apache logs
- Subject: Re: [cobalt-users] Apache logs
- From: flash22@xxxxxxx
- Date: Sat Apr 7 16:25:03 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
On Sun, 8 Apr 2001, Mark Remde wrote:
> Reposted to users group:
>
> WWW.********.COM 195.222.69.86
"GET http://ctc.pornoground.com/cgi-bin/ctc/ctc.cgi?47917758 HTTP/1.0"
302 235 "http://vikspix.com"; "Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)"
>
> I at first thought that someone was trying to use this
> server as a proxy, but there's too few hits for that
Nonetheless, that's what it is, ;)
It's a signup link that gives the person hitting the reference number a
small credit for signing someone up, so someone is probably using lots of
servers to generate hits ;)
ctc is a advertising hit tracker (www.123ctc.com)
This is also interesting as heck...
traceroute 195.222.69.86
21 195.222.71.50 (195.222.71.50) 540.674 ms 548.341 ms 539.784 ms
22 * 195.222.69.86 (195.222.69.86) 2590.58 ms 2357.2 ms
someone is generating a lotta traffic ;)
What kinda machine is this? Cobalts don;t normally allow anonymous
proxying this way with the default apache config...
> - just half a dozen a night - every night.
> I added this IP to hosts.deny, and also created a
> hosts-deny rewrite rule for apache. That started
> the 404's seen above, but didn't stop the hits.
add the nasty domain name to your etc/hosts file and make it point to
the same IP as a legit site, it will redirect if someone tries to get to
it via your machine (via apache rewrite-i'm assuming you have a raq) if
you have dns local, make it a
cname to a local name instead...this will force it go in a circular path
gsh