27 Pluviôse CCXIV (February 15, 2006)
System Stuff
I've fiddled around with the Apache settings a bit in order to deal with some abuse of MovableType's search script. Basically, I was having roughly 5 search queries a day for "Search" from one of two IP addresses. Not much, but it was slowly filling up my logs with garbage. There should be no adverse effect on any one else, but I always may have made a typo somewhere. In other words: let me know if you suddenly get 403 errors. (You'll recognise them by the red background and the giant Lenin head that appears.)
As for whoever owns the machine(s) using the IPs 195.225.176.73 and 195.225.176.77: I hope you catch something slow, painful, and fatal.
If you want some real fun check sovereign's logs for ssh_brute_force :).
And that's weird... both of those IPs are in the Ukraine. Do you know why they would be hitting the search? Looking for vulnerabilities to set up a spam host maybe?
That's actually kind of confusing me. The fact that they appear to be using the search script to search for references to search scripts.
I understand some of my other strange log entries (referal strings from search engines where the search string was 'Post a comment'), but the search is confusing me.
And are we still getting hit with SSH brute force attacks?
Posted by ![[TypeKey Profile Page]](http://leftblank.org/nav-commenters.gif)
-
-
-
