Monday, October 04, 2004

Build a Better Fly Trap?

I am rather tee-ed off with the number of spambots and other automated miscreants surfing the websites I maintain.

Add to that a new problem of commercial "spying" by a UK company from Cambridge called Envisional, which has been continuously downloading copyrighted PDF files from at least one of these sites. (Presumably to monitor for breach of copyright in case they can make a few quid from an action.) The fact that continuously downloading large PDF files over and over again could have crashed my website probably doesn't concern them. Their activity is a little bit more sinister, looking at their online manifesto.

Envisional - "Keeping an Eye On The Internet"

Oh yeah? Another private company as a self-appointed net-regulator eh?

"Envisional's solution is completely automated, and runs continuously, without inconsistencies in categorisation or expensive labour overheads."

I guess that would explain why there's no corresponding webmaster@ account to answer my complaint email then, why they don't advertise an email on their website and why their contact form doesn't work when I tried it. Actually it was amusing as the "back end" showed through and they had the cheek to use a freeware form submission engine - FormMail V1.92 © 1995 - 2002 Matt Wright - A Free Product of Matt's Script Archive, Inc. I just tried the form again as I wrote this entry and it still doesn't work so I guess they aren't going to be getting many complaints then!

"Forensic downloads

On a number of occasions, we have taken forensic snapshots of websites for use in legal court cases. These snapshots form the basis of legal evidence detailing the activity of the sites and have been instrumental in causing those sites to cease their illegal activities."

I wonder who monitors their (probably illegal and unauthorised) storage of MY copyrighted materials eh? Who looks after and protects MY digital rights??

Okay I've seen enough. Time to "beef up" the security and ban some of these muppets and the spambots using a more up-to-date technique. What I was looking for was a way of specifically encouraging, targeting, logging and then banning all malicious activity. Although I'm not an expert with PHP I am a reasonably competent "C" coder so it wasn't hard to knock up some code using bits of BigSam which I also maintain.

The result is a primitive first version of a spambot and general intruder detection system called "FlyTrap". If you run Apache and are having problems you may want to have a look at it and try it out. Step one is tackling the spambots and viruses; I will deal with the likes of Envisional later on.

For those who run webservers and may be quite rightly concerned about the numerous companies such as this keeping "tabs" on your server content you may wish to block the following IP addresses reported by WHOIS as assigned to Envisional's server farm. If anyone else knows of other "Big Brother" organisations such as this I'd appreciate an email! It's worth blocking them as, if you are running on a slow asymmetric link with, say, a 64k uplink, then these idiots could take your server completely offline if they start retrieving large files at regular intervals as they have been doing to me!

#217.68.79.0 - 217.68.79.15 www.envisional.co.uk
Deny from 217.68.79.0
Deny from 217.68.79.1
Deny from 217.68.79.2
Deny from 217.68.79.3
Deny from 217.68.79.4
Deny from 217.68.79.5
Deny from 217.68.79.6
Deny from 217.68.79.7
Deny from 217.68.79.8
Deny from 217.68.79.9
Deny from 217.68.79.10
Deny from 217.68.79.11
Deny from 217.68.79.12
Deny from 217.68.79.13
Deny from 217.68.79.14
Deny from 217.68.79.15
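
An added example, not part of the original post and not FlyTrap's own code: a small Python script that finds clients fetching the same PDF over and over in an Apache access log and turns them into Deny lines, collapsing neighbouring addresses into CIDR blocks (a form the Deny directive also accepts). The function names, the threshold of three fetches and the log lines (documentation address ranges, a made-up path) are assumptions constructed for the illustration.

```python
import ipaddress
import re
from collections import Counter

# Client address, request path and status from an Apache common/combined log line.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "GET (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

def sample_log():
    """Constructed log lines: four neighbouring clients re-fetch one PDF, one visitor does not."""
    fmt = '{ip} - - [04/Oct/2004:09:{m:02d}:00 +0100] "GET {path} HTTP/1.0" 200 {size}'
    lines = [fmt.format(ip=f"192.0.2.{h}", m=m, path="/docs/manual.pdf", size=4200000)
             for h in (4, 5, 6, 7) for m in (0, 20, 40)]
    lines.append(fmt.format(ip="198.51.100.20", m=5, path="/docs/manual.pdf", size=4200000))
    lines.append(fmt.format(ip="198.51.100.20", m=6, path="/index.html", size=5120))
    return lines

def repeat_downloaders(lines, suffix=".pdf", threshold=3):
    """Map each client IP to its highest fetch count for any single file, if >= threshold."""
    hits = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["status"] not in ("200", "206"):
            continue
        try:
            ipaddress.ip_address(m["ip"])  # skip hostnames logged with HostnameLookups on
        except ValueError:
            continue
        path = m["path"].split("?", 1)[0]
        if path.lower().endswith(suffix):
            hits[(m["ip"], path)] += 1
    worst = {}
    for (ip, _path), count in hits.items():
        if count >= threshold:
            worst[ip] = max(worst.get(ip, 0), count)
    return worst

def deny_directives(ips):
    """Collapse addresses into the fewest CIDR blocks and emit one Deny line per block."""
    out = []
    for version in (4, 6):  # collapse_addresses() rejects mixed IPv4/IPv6 input
        nets = [ipaddress.ip_network(ip) for ip in ips
                if ipaddress.ip_address(ip).version == version]
        for net in ipaddress.collapse_addresses(nets):
            single = net.num_addresses == 1
            out.append(f"Deny from {net.network_address if single else net}")
    return out

if __name__ == "__main__":
    offenders = repeat_downloaders(sample_log())
    print("\n".join(deny_directives(offenders)))
```

Given the sixteen addresses listed above, deny_directives() returns the single line "Deny from 217.68.79.0/28".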

From now on, intruder detection is going to be a spectator-sport for me on a par with "couch fishing".

Check out the FlyTrap page on my own website

Snowball
