Posted in : Spam Trap
Skiddie : I've tried all the DLL exploits possible and I still haven't r00t3d this box
SpamHound : It's a Linux box you dumb arse. Your IP has been banned for stupidity
The chances are that if you're a skiddie then, instead of seeing this, you're seeing a page that reads something like "Forbidden : SpamHound has detected your IP as belonging to a spammer. Your IP address has been blocked from all SpamHound protected sites until ##/##/####". Don't take it too personally: the SpamHound doesn't really think you're a dumb arse spammer. It realises that you're an even dumber skiddie that's been looking for exploits on the server; it just treats all IQs below 1 in the same way.
The good news is that the skiddies prompted me to do some more work on the SpamHound to include checks for these dumb arses. Whilst I was tempted to link all such requests to a virus or just redirect them to 127.0.0.1, in the end I decided to just ban them, which is a lot less fun, but they're not even worth playing with. The recode not only added the ability to detect the lower IQs on the web but also reintroduced the ability to network multiple servers/domains so that they can share the same information: hit one and you get your sorry arse banned from them all.
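A sketch of that idea, added here as an illustration and not the Hound's own code: it flags requests for Windows-only file types on a Linux host and records the ban in a list that every site consults. The extension list, the 30-day ban period, the log format and all names are assumptions.

```python
import re
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Assumption: on a Linux host, a request for a Windows-only file type is a probe.
WINDOWS_ONLY = re.compile(r"\.(dll|exe)$", re.IGNORECASE)
LOG_LINE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<target>\S+)')
BAN_PERIOD = timedelta(days=30)  # assumed; the post does not give the ban length


class SharedBanList:
    """In-memory stand-in for the ban data every protected site would consult."""

    def __init__(self):
        self._expiry = {}

    def ban(self, ip, when):
        self._expiry[ip] = when + BAN_PERIOD

    def is_banned(self, ip, now):
        expiry = self._expiry.get(ip)
        return expiry is not None and now < expiry


def verdict(line, bans):
    """Return the HTTP status to serve for one access-log line, or None if unparseable."""
    m = LOG_LINE.match(line)
    if m is None:
        return None
    when = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    if bans.is_banned(m["ip"], when):
        return 403
    # Match on the path only, so a query string that mentions ".dll" is not a hit.
    if WINDOWS_ONLY.search(urlsplit(m["target"]).path):
        bans.ban(m["ip"], when)
        return 403
    return 200


# Constructed sample traffic (documentation IP ranges), tagged with the site that saw it.
SAMPLE = [
    ("site-a", '198.51.100.20 - - [01/Mar/2024:10:00:00 +0000] "GET /index.php HTTP/1.1" 200'),
    ("site-a", '203.0.113.7 - - [01/Mar/2024:10:00:05 +0000] "GET /scripts/root.dll HTTP/1.0" 404'),
    ("site-b", '203.0.113.7 - - [01/Mar/2024:10:01:00 +0000] "GET /blog/ HTTP/1.0" 200'),
    ("site-b", '198.51.100.20 - - [01/Mar/2024:10:02:00 +0000] "GET /download.php?file=notes.dll HTTP/1.1" 200'),
    ("site-a", '203.0.113.7 - - [15/Apr/2024:09:00:00 +0000] "GET /blog/ HTTP/1.0" 200'),
]


def replay(sample=SAMPLE):
    bans = SharedBanList()  # one list shared by site-a and site-b
    return [verdict(line, bans) for _site, line in sample]
```

The third request is refused on site-b even though the probe hit site-a, and the last one is served again because the assumed ban period has lapsed.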
At this moment in time the new version of the Hound only protects this server, although it's due to be rolled out to another few servers in the very near future, once we've done some multi-server testing and gained a few more stats 'n' stuff. Then I'm going to be working on a public version of the Hound. It won't be half as ferocious as our own, but it should help cut down on the bandwidth and CPU that gets wasted on spammers and skiddies on a daily basis, and I'll probably tie it in with a b2evolution plugin that will allow you to ban IP addresses direct from your admin pages. We already have a working version of the plugin, so it won't take much to make it a publicly available release, assuming anybody's interested in it.
So far the various versions of the Hound have stopped over half a million spam/skiddie attempts, not bad for a bunch of code huh? I'd be able to give you the exact figures, but I had a blonde moment when coding the log analyser and accidentally wiped the logs for the last couple of months. Ahh well, they'll soon build up again as these arses really don't understand "403 : Your shit is forbidden". It'll be interesting to watch that figure soar as the new version is rolled out.
Anyway, I suppose it's time I went and did some more testing so it can be unleashed on our network.
¥