<<< Thursday, March 20, 2008 10:06 PM

Home

Saturday, March 22, 2008 09:02 PM >>>


more denial by idiots

Friday,  03/21/08  11:31 AM

The other day I noted a weird sort of denial of service "attack"; there was a broken script loose on the 'net, someone was scraping my site over and over with a bunch of bad URLs.  No real harm except a sad waste of bandwidth.

Now I have a new "attack" in progress, apparently from Russell Beattie's Mowser.  I'm not sure why Mowser would be scraping my site, but a bot with the user agent "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0; mowser; http://www.mowser.com)" has hit over 100,000 times each of the last three days.  All with invalid URLs.  I actually changed my site to specifically return "403 forbidden: please stop the DOS attack" to this agent, but of course being a bot this doesn't help.  (It did make me feel better.)

BTW I like Mowser, it provides a free mobile version of Critical Section which is pretty cool.

Russell has recently branded me an idiot for my political views, and asked me to stop sending him email, so I guess I'll just have to wait until he notices his broken bot.

Update: Looks like around 2:00 this afternoon the "attack" stopped.  Furthermore I notice that m.w-uh.com is no longer "moblified" by Mowser, it now just redirects to w-uh.com.  So thanks, Russell, for figuring it out, but too bad it means I don't have a mobile version anymore.

Further Update: The "attack" has resumed, this time with a MSNBOT user agent.  Perhaps the script simply uses various other robots' user agents, and Mowser was never involved.  Sorry, Russell!  Once again hit after hit to invalid URLs.  Anyway I am now returning 301s (permanent redirects) back to w-uh.com, it doesn't seem to help but it uses the least bandwidth.  What a waste of my time, in addition to bandwidth.  Idiots.

One More Update: I really owe Russell an apology - so sorry, Russell.  The hits have continued unabated, from various servers around the world, and using a variety of different user agents.  Clearly Mowser was not involved.  I cannot figure out the possible benefit of having a script launch 100,000 hits to my little site using one invalid URL after another, but that's what's happening.  Fortunately by returning the 301 it doesn't use much bandwidth or CPU, so it just clogs up the log files.  Hopefully the idiots will go away after a while - we'll see..