Comment spammers chewing blogger bandwidth like crazy
a.harrowell at gmail.com
Sat Jan 13 18:33:02 UTC 2007
Yes. Fistfulofeuros.net has seen dramatically higher levels of comments spam
since last autumn. Not as much as below, but we were offline due to supposed
overuse (I say supposed because our host claimed a script we don't have was
responsible) over Christmas.
On 1/13/07, Thomas Leavitt <thomas at thomasleavitt.org> wrote:
> A friend of mine operates a blog at seeingtheforest.com, and he pays for
> traffic over a (fairly minimal) cap. He posted this comment recently:
> Eating Bandwidth
> Last month something ate up a tremendous amount of bandwidth at Seeing
> the Forest, costing me a lot of money. So now I regularly check
> bandwidth use.
> Why has 220.127.116.11, HopOne in DC, been eating a HUGE amount of
> bandwidth? Gigabytes! What are they doing? (I banned them.)
> Why has 18.104.22.168, an IP in India, been eating a tremendous amount
> of bandwidth? What are they doing?
> Why has 22.214.171.124, an IP in Ukraine, been eating a tremendous
> amount of bandwidth? What are they doing?
> Why has 126.96.36.199 AND 188.8.131.52 AND 184.108.40.206 AND
> 220.127.116.11 AND 18.104.22.168, all from the /same company/ in
> Amsterdam, been eating a TREMENDOUS amount of bandwidth? What are they
> Why is 22.214.171.124 and 126.96.36.199 and Abacus America Inc.eating a
> TREMENDOUS amount of my bandwidth,
> One of the comments said:
> Yeah, I've seen a huge bump in my blog's traffic, I haven't figured out
> what they're doing, but it ate like 4Gb of bandwidth last month. Now
> that you mention it, I checked last month's stats and yep, there's
> 188.8.131.52 producing 62% of my blog traffic. I did a little checking
> around the web and they're an obvious spam host. Banned.
> They also chew up a lot of CPU (comment filter code). At few times,
> myself, I've had to simply take code offline that was getting hit too
> heavily... seems like the IPs (and their ilk) listed above are good
> prospects for a "bad behavior" blacklist, at a level below that of
> "collaborative spam filter" (which doesn't prevent traffic or CPU cycles
> from being consumed). Given the volume of traffic mentioned, this must
> be a real problem for some hosts and networks... although, on the other
> hand, if their marginal use rates are high enough, they might actually
> be making money off this.
> Thomas Leavitt
> Thomas Leavitt - thomas at thomasleavitt.org - 831-295-3917 (cell)
> *** Independent Systems and Network Consultant, Santa Cruz, CA ***
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the NANOG