Comments on: Symantec crawling blogs? http://spamhuntress.com/2005/03/04/symantec-crawling-blogs/ writes on spam and admin issues Wed, 07 Jan 2009 00:46:18 +0000 http://wordpress.org/?v=2.7 hourly 1 By: IJ http://spamhuntress.com/2005/03/04/symantec-crawling-blogs/#comment-175951 IJ Thu, 03 May 2007 18:53:48 +0000 http://spamhuntress.com/2005/03/04/symantec-crawling-blogs/#comment-175951 While this is a bit late, I run a webserver with a few sites on it, both mine and not. I got hit by these things last night. I figured I'd take charge of these guys. I have a Cisco 2611 directly ahead of my server. My solution to this was simple: Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#ip route 65.88.178.10 255.255.255.255 null0 Router(config)#end Router#copy run start Destination filename [startup-config]? Building configuration... [OK] Not only can they not talk to my webserver, they can't talk to ANYTHING behind that router! While this is a bit late, I run a webserver with a few sites on it, both mine and not.

I got hit by these things last night. I figured I’d take charge of these guys.

I have a Cisco 2611 directly ahead of my server. My solution to this was simple:

Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#ip route 65.88.178.10 255.255.255.255 null0
Router(config)#end
Router#copy run start
Destination filename [startup-config]?
Building configuration…
[OK]

Not only can they not talk to my webserver, they can’t talk to ANYTHING behind that router!

]]> By: Dirk http://spamhuntress.com/2005/03/04/symantec-crawling-blogs/#comment-3364 Dirk Mon, 13 Feb 2006 21:02:21 +0000 http://spamhuntress.com/2005/03/04/symantec-crawling-blogs/#comment-3364 Yep, I've noticed the same thing (same IP address) as Elixon earlier today. It's already blocked because of that dubious user agent string, but that didn't stop it from trying. It's also trying to access URLs that are listed in our robots.txt Bad bot, bad Symantec! Yep, I’ve noticed the same thing (same IP address) as Elixon earlier today. It’s already blocked because of that dubious user agent string, but that didn’t stop it from trying. It’s also trying to access URLs that are listed in our robots.txt

Bad bot, bad Symantec!

]]> By: Elixon http://spamhuntress.com/2005/03/04/symantec-crawling-blogs/#comment-3359 Elixon Mon, 13 Feb 2006 18:38:39 +0000 http://spamhuntress.com/2005/03/04/symantec-crawling-blogs/#comment-3359 I have got the same experience. I captured the communication and here is the brief result: [HTTP_HOST] => demo.webdevelopers.cz [HTTP_CONNECTION] => close [CONTENT_LENGTH] => 0 [HTTP_USER_AGENT] => Mozilla/4.0 [HTTP_ACCEPT_LANGUAGE] => en-us [SERVER_NAME] => <a href="http://demo.webdevelopers.cz" rel="nofollow">Elixon CMS</a> [REMOTE_ADDR] => 65.88.178.10 It claims to be "Mozilla/4.0" browser with default language set to en_US. I recieved only one hit on the homepage so far. I'm not hosting any blogs. I have got the same experience. I captured the communication and here is the brief result:

[HTTP_HOST] => demo.webdevelopers.cz
[HTTP_CONNECTION] => close
[CONTENT_LENGTH] => 0
[HTTP_USER_AGENT] => Mozilla/4.0
[HTTP_ACCEPT_LANGUAGE] => en-us
[SERVER_NAME] => Elixon CMS
[REMOTE_ADDR] => 65.88.178.10

It claims to be “Mozilla/4.0″ browser with default language set to en_US. I recieved only one hit on the homepage so far. I’m not hosting any blogs.

]]> By: ady http://spamhuntress.com/2005/03/04/symantec-crawling-blogs/#comment-41 ady Sat, 05 Mar 2005 02:56:14 +0000 http://spamhuntress.com/2005/03/04/symantec-crawling-blogs/#comment-41 Yeah. Got hit by it too. Sometimes sporadic and sometimes it's very insistent. I never got round to writing to them. Blocked the IP in the end. Yeah. Got hit by it too. Sometimes sporadic and sometimes it’s very insistent. I never got round to writing to them. Blocked the IP in the end.

]]> By: loid http://spamhuntress.com/2005/03/04/symantec-crawling-blogs/#comment-40 loid Fri, 04 Mar 2005 23:22:27 +0000 http://spamhuntress.com/2005/03/04/symantec-crawling-blogs/#comment-40 The Symantec IP hammered netaloid so often that I finally denied 'em access a couple of months ago. I was unable to find a legitimate reason for them to be crawling so hard and often. The Symantec IP hammered netaloid so often that I finally denied ‘em access a couple of months ago. I was unable to find a legitimate reason for them to be crawling so hard and often.

]]> By: cindy http://spamhuntress.com/2005/03/04/symantec-crawling-blogs/#comment-39 cindy Fri, 04 Mar 2005 15:30:31 +0000 http://spamhuntress.com/2005/03/04/symantec-crawling-blogs/#comment-39 they have hit me too. they have hit me too.

]]> By: alfons http://spamhuntress.com/2005/03/04/symantec-crawling-blogs/#comment-38 alfons Fri, 04 Mar 2005 14:43:30 +0000 http://spamhuntress.com/2005/03/04/symantec-crawling-blogs/#comment-38 I saw the same since writing something about (D)DOS on my blog. I saw the same since writing something about (D)DOS on my blog.

]]>