See, I’ve got records on y’all now!

Since doing the clean install of my site on the 19th, my security has noted that my first spambot attack came from IP blocks in Malaysia, Poland and California at three in the morning, Seattle time. These were searching for file exploits in, of all things, Movable Type. An animated sequence from Person of Interest. Seems as good a metaphor for the Internet as any.

I even got some lazy taps from Microsoft’s Bingbot spider for files that haven’t existed on my site for over five years now–hard to interpret that one. Either Bingbot needs to have old data flushed out of the spider or, much more likely, one tiny tendril of Bingbot has been compromised. I now suspect the latter because the IP numbers that trace back to Bingbot were also looking for more obviously suspect files (Boner pill shit.) on my server.

Am I going to alert Microsoft? Ha! Never mind that I’m just inexpertly misinterpreting my log files and could be disastrously wrong but, being a good Internet citizen by informing Microsoft would be like, to paraphrase the immortal Douglas Adams, trying to attack a lunatic asylum with a banana!

And for days afterwards the spambots came from all over the world, looking for things that didn’t exist anymore, generating 404 errors. I shouldn’t be surprised over how quick this was. Mere minutes after setting things up again, the botnets attack. Robots are infinitely patient, I guess. That and my domain has been stable since 1999 so, I guess, it’s a high value target for spambots trying to SEO links for boner pills.

It’s the invalid log attempts that worry me the most. 175 attempts in the last four days alone! These try with a short list of obvious usernames combined with combing my content for less obvious strings. In all this dictionary attacking, some of these actually got my account name right. I’m going to have to change my username to a long random string to protect at against this.

In the same span of time, the spambots only bothered to comment spam me 3 times. The operators of these botnets know better these days. Injecting linkspam into the main content counts for more in SEO than merely injecting it into comments. And such spam harder to fix.

The Internet is a jungle. For this and many other reasons I can see why so many, less technically inclined, have abandoned the Web for the walled gardens of Google, Twitter and Facebook. These aren’t all that safe either but at least you can find someone to blame. Me? I’m stickin’ it out. I learn important stuff fighting this.

This entry was posted in Security and Privacy, The Internet, Webmastering. Bookmark the permalink.