User forums > General (but related to Code::Blocks)

C::B and other IDE !!

<< < (2/2)

Grom:
Why you blackout some Russian and Chinese subnets?  :shock:

jmccay:
I don't like eclipse.  I have a hard time getting past compiling (jit-ing) every time I want to run the program.  Just seem to be a waste of time.  With the exception of Anjuta, the others have been around for longer.  C::B is doing great.  I still like.
jmccay

MortenMacFly:

--- Quote from: Grom on December 19, 2007, 01:04:08 am ---Why you blackout some Russian and Chinese subnets?  :shock:

--- End quote ---
We have good reasons for tat. For example to limit our bandwidth consumption. You wouldn't imagine how often we get completely mindless/senseless/massively mis-configured downloads and status queries from bots/crawlers out of these networks. Due to that we had reached the bandwidth limit (which we thought was really almost impossible) several times at the end of the month in the past.
Say thank you to idiots that setup "brute-force crawlers".
With regards, Morten.

thomas:

--- Quote from: Grom on December 19, 2007, 01:04:08 am ---Why you blackout some Russian and Chinese subnets?  :shock:
--- End quote ---
That is because Chinese and Russians have an exorbitantly higher tendency to be abusive. I am not blocking someone because he is Chinese or Russian. However, it just so happens that the vast majority of addresses and address ranges that's blocked comes from Chína, followed by Russia (the two making up over 95%).

For example, one particular Chinese search bot which is now blocked was using up 3 times as much bandwidth as Google and Yahoo together and used to send upward of 200 requests per minute (many duplicate requests) from half a dozen IP addresses in the same subnet for 30-40 minutes. Twice per day, every day. Ironically, the affiliated search engine does not even index pages in English.
We cannot help it if people are just plain braindead, or careless, or both. But we don't have to serve them.

And then of course, there are the script kiddies and exploiters, and people who are just careless and run malware on their PC without knowing (or not caring about). Most of them aren't really important. They're unlikely to do any real damage, unless they chew up too much bandwidth that we would rather apply to our users. But still, we have an eye on them.

Maybe that's excessive, we should probably just ignore them, but it really doesn't cost more than a minute or two of reviewing per day, as most of it runs automated. A custom-made script filters out specific log records and usage patterns which may contain malicious behaviour. No, we are not telling you what we look for.
The extracted records are reviewed on a regular base. If the records look like you're really doing something that we don't like, you're blocked.
This can be a simple 24 hour DROP on the specific IP (often this is good enough to stop it, and often they're using dynamic IPs anyway), or it can be a permanent blacklist of the class C or class B subnet you're in if you're really a wanker - it depends.

Sure enough, we will occasionally hit innocent users with this too, that's bad luck, but we can't help it. If you brag about running web servers exploits and suddenly the person you were talking to kicks you in the face, then you know that you have met one. :)

Navigation

[0] Message Index

[*] Previous page