<body><script type="text/javascript"> function setAttributeOnload(object, attribute, val) { if(window.addEventListener) { window.addEventListener('load', function(){ object[attribute] = val; }, false); } else { window.attachEvent('onload', function(){ object[attribute] = val; }); } } </script> <div id="navbar-iframe-container"></div> <script type="text/javascript" src="https://apis.google.com/js/platform.js"></script> <script type="text/javascript"> gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() { if (gapi.iframes && gapi.iframes.getContext) { gapi.iframes.getContext().openChild({ url: 'https://www.blogger.com/navbar.g?targetBlogID\x3d16851663\x26blogName\x3dBurton+Speaks\x26publishMode\x3dPUBLISH_MODE_HOSTED\x26navbarType\x3dBLUE\x26layoutType\x3dCLASSIC\x26searchRoot\x3dhttp://www.walkingsaint.com/search\x26blogLocale\x3den_US\x26v\x3d2\x26homepageUrl\x3dhttp://www.walkingsaint.com/\x26vt\x3d-1892815651864643552', where: document.getElementById("navbar-iframe-container"), id: "navbar-iframe" }); } }); </script>

Bastards did it again

Monday, January 23, 2006
Remember Cyveillance?

So occasionally I look through the traffic logs for my little site here and look for anomalies. I saw this entry:
63.148.99.237 - - [23/Jan/2006:11:19:24 -0800] "GET 2006/01/magical-blogger-mood-ring_12.html HTTP/1.1" 200 15371 http://www.walkingsaint.com/2006/01/power-user.html" "Mozilla/4.0 (compatible; MSIE 6.0; Windows XP)"
Then I saw about 90 entries around that, all from the same IP address, looking at all the information on the site... but all spaced about a second apart.

Let me show you what it looks like when Google indexes my site:
66.249.65.1 - - [23/Jan/2006:14:42:10 -0800] "GET 2006/01/spending-issues.html HTTP/1.1" 200 16104 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
Do you see the difference? Google identifies itself as an indexing bot. It tells you where to get more information and they adhere to bot-like standards such as the Robots Exclusion Standard. Cyveillance does NO such thing. They'll basically trespass on a site mining information and there's nothing you can do about it. Bastards.

Can anyone think of anything that can be done about this?

posted by Burton at 8:08 AM

2 Comments:

Anonymous Anonymous said...

check you last messahe i sent you a way to get it out of there. or at least to confuse it. -luv mal

2:02 PM, January 24, 2006  
Anonymous Anonymous said...

actually here it is.

How to block Cyveillance?:
These criminals will scan your FTP, IRC, and other service ports, so watch it!

# --- Cyveillance's Bots --- #
iptables -A INPUT -s 63.148.99.0/24 -p tcp -j REJECT
iptables -A INPUT -s 65.118.41.0/24 -p tcp -j REJECT
iptables -A INPUT -s 38.118.25.0/24 -p tcp -j REJECT
iptables -A INPUT -s 38.118.42.0/24 -p tcp -j REJECT
iptables -A INPUT -s 216.32.64.0/24 -p tcp -j REJECT
# Cyveillance Office #
iptables -A INPUT -s 63.100.163.0/24 -p tcp -j REJECT
# Cyveillance's Lawyers #
iptables -A INPUT -s 151.173.221.0/24 -p tcp -j REJECT
# Suspicious External connections #
iptables -A INPUT -s 68.48.24.0/24 -p tcp -j REJECT
iptables -A INPUT -s 4.35.201.0/24 -p tcp -j REJECT

2:04 PM, January 24, 2006  

Post a Comment

<< Home


Search


www
www.walkingsaint.com

Twitter Updates

My Other Sites

Site Information

Friend Blogs

Awesome Links

Favorite Webcomics

Previous Posts

Archives

Powered by Blogger