A site for solving at least some of your technical problems...
A site for solving at least some of your technical problems...
Since the ZmEu attack, I've been watching my logs a little closer. I also found a page that I could not read (but Google could and was kind enough to provide a cached version.) That page listed many bots that are not nice bots. So? I decided to block some of them, especially those that use very bad URLs or load many pages too quickly.
The result is that I'm getting more and IP addresses in my firewall. Although they get removed in a schedule that I will not state here, I can tell you that each time I block tenth when not hundredth of useless hits (worst than that at times those could be viewed as dangerous hits.)
Some of the IPs look legitimate so probably using a computer that someone got infected. Others are addresses that are not assigned and those could be black listed.
This list is in no way complete. But all of those I've blocked for one reason or another.
59.120.145.13
61.192.161.38
64.9.53.20
67.15.97.25
67.225.164.101
69.16.238.193
69.16.239.36
69.167.138.175
72.3.233.173
72.52.150.94
74.54.23.226
74.63.10.96
74.86.154.37
81.25.120.83
83.96.188.200
87.117.198.179
91.186.11.81
161.58.27.213
174.139.12.170
174.143.33.218
178.32.40.3
202.160.120.220
207.178.136.143
208.43.146.104
208.77.216.5
208.115.101.50
209.85.109.36
209.240.96.35
212.34.157.193
212.92.23.98
216.12.222.154
If one of these is your IP address, then you've got a problem or a hacker spoofed your address.
The following is a list of bots that I block: