Breathing Easy

Well, we’ve patched the holes and stopped the bleeding. The Big Swede’s server is happily back to normal traffic levels after about 5 days of hammering. Turns out it was not zombie attacks per se but instead, he got listed as an open proxy and as we know script kiddies and spammers love hitting open proxies to do their dark deeds.

The following additions to an htaccess file should be considered mandatory for web masters:

This kills FQDN requests that proxy abusers try to use.

RewriteCond %{THE_REQUEST} ^(GET|HEAD|POST) /?http:// [NC] RewriteRule .* – [F]

This makes CONNECT requests go away. Die connects die.

rewritecond %{REQUEST_METHOD} !^(GET|HEAD|POST|OPTIONS|PROPFIND|TRACE)$ RewriteRule .* – [F]

I’m also looking at getting snort installed on my box along with some other fun stuff to prevent attacks and automatically firewall ban them.

I’ve got the mini cloned over to server, and aside from some audio issues (no driver), it looks like everything is hunky dory. I’m going to let it hang out for a little bit to see if everything is working right before brining it up live, but things are looking good.

While wondering why my neighbor’s wireless networks seem to always be disappearing, I busted out stumbler and learned that all of my neighbors are now running their networks on channel 11. This was the channel I chose for my 3 cancer inducing radios when I moved in specifically because all of the neighbors were either on 1 or 6. So I’ve now moved over to channel 1. Unfortunately they are all still interfering with each other and preventing me from leeching their fast cox bandwidth.

Speaking of which, Speakeasy.net offers some pretty impressive DSL packages including a 768Kb up 6Mb down package that is pretty attractive. The thought of over 700k/sec downloads is just sexy. I’m paying just over $50 a month for my current 896up/1.5down link. I wish I could get something like a 3Mb up and 6Mb down though. Still $100 for that service is a good deal, and something I’ll be considering. While in most cases the 170K/sec I’m getting from the 1.5Mb downlink is okay, it really hurts when you need files fast. Especially now that I’m getting 400K/sec at work.

Holy crap DVI KVMs are expensive. What the hell? Are they really that complicated to put together? Anyone know where I can find a good DVI/USB KVM for less than $150, preferably less than $100.

Leave a Reply

Your email address will not be published. Required fields are marked *