|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 |
|
|||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
|
Thread Tools |
12-12-2002, 10:58 AM
|
#1 |
|
Confirmed User
Join Date: Apr 2002
Posts: 480
|
Wtf is going on..
The server my paysite runs on is sometimes very very slow.
I dont know whats going on then, but for like 10 minutes long its nearly accessable. Now after a few months going through that bullshit, i decided to go and find out whats going on. So i've logged in with telnet, and i saw thats its httpd requestst that is making the server slow. I tried to view log files, but some were 450 mb big so that wasnt really an option. Somehow i figured out that it was my paysite though, because when the server was slow again, and i suspended my paysite (so it wont be accessable anymore) the server load became normal again. Then when i turned my paysite back on, bam, the server was heavily loaded. Ok, so the problem is with the pay site. I have check all scripts and my php code, but cant find shit. Now i just got the appache log file for the domain, and check this out...: Code:
210.248.31.162 - Motion [12/Dec/2002:08:32:32 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.0 ( compatible; MSIE 5.01; Windows NT4.0; DigiExt )" 210.163.97.146 - Mother [12/Dec/2002:08:32:33 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.7 ( compatible; [de]; Windows 95; DigiExt )" 210.248.226.226 - Motion [12/Dec/2002:08:32:33 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.7 ( compatible; [de]; AOL 5.0; NetCaptor )" 210.80.207.147 - Motorway [12/Dec/2002:08:32:33 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.7 ( compatible; [dk]; Windows 98; FREEI v2.53 )" 211.174.232.226 - Mottle [12/Dec/2002:08:32:33 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.73 ( compatible; MSIE 5.0; Windows 95; TWRAITH )" 211.174.58.115 - Mottle [12/Dec/2002:08:32:33 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.7 ( compatible; [de]; Windows 95; win9x/NT 4.90 )" 206.19.38.189 - 12345 [12/Dec/2002:08:32:33 -0700] "HEAD /members/ HTTP/1.1" 200 841 "http://www.busty-brigitte.com/bbheaven/home.htm" "Mozilla/4.73 ( compatible; MSIE 4.01; Windows NT5.0; DigiExt )" 210.160.187.50 - Mother [12/Dec/2002:08:32:33 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.73 ( compatible; MSIE 4.0; Windows 98; DigiExt )" 211.20.122.86 - Moulding [12/Dec/2002:08:32:33 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.7 ( compatible; MSIE 5.0; Windows NT5.0; NetCaptor )" 210.8.232.4 - Motion [12/Dec/2002:08:32:33 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.0 ( compatible; MSIE 4.0; Windows NT4.0; FREEI v2.53 )" 211.232.147.118 - Moulding [12/Dec/2002:08:32:33 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.73 ( compatible; MSIE 4.0; Windows NT5.0; DigiExt )" 205.216.125.18 - Morgant [12/Dec/2002:08:32:33 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.0 ( compatible; [jp]; AOL 5.0; athome0107 )" 211.114.62.130 - Mottle [12/Dec/2002:08:32:33 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.72 ( compatible; MSIE 5.0; Windows NT5.0; athome0107 )" 211.233.27.188 - Mountain [12/Dec/2002:08:32:33 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.6 ( compatible; MSIE 5.0; Windows 95; NetCaptor )" 209.249.56.178 - Moscow [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.7 ( compatible; MSIE 5.01; Windows NT4.0; NetCaptor )" 211.28.96.71 - Mouse [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.72 ( compatible; [jp]; Windows 95; DigiExt )" 211.233.80.64 - Mountain [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/3.01 ( compatible; [de]; Windows 95; FREEI v2.53 )" 211.33.197.243 - Mouse [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.7 ( compatible; [dk]; Windows 98; FREEI v2.53 )" 211.0.70.226 - Motown [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/3.01 ( compatible; MSIE 4.01; Windows 98; DigiExt )" 211.11.212.98 - Motsche [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.7 ( compatible; MSIE 5.5; Windows 95; DigiExt )" 211.9.128.182 - Movies [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.7 ( compatible; [de]; Windows 95; win9x/NT 4.90 )" 211.5.85.221 - Mouse [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/3.01 ( compatible; MSIE 5.0; Windows NT4.0; FREEI v2.53 )" 211.72.119.156 - Mouses [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.7 ( compatible; [de]; Windows 95; DigiExt )" 206.19.38.189 - 124356 [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.1" 200 841 "http://www.busty-brigitte.com/bbheaven/home.htm" "Mozilla/4.7 ( compatible; MSIE 5.01; Windows NT4.0; DigiExt )" 206.19.38.189 - 050365 [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.1" 200 841 "http://www.busty-brigitte.com/bbheaven/home.htm" "Mozilla/4.6 ( compatible; [fr]; AOL 5.0; DigiExt )" 210.249.37.66 - Monkey [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com:80" "Mozilla/4.72 ( compatible; [de]; AOL 5.0; athome0107 )" 206.19.38.189 - 1309159 [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.1" 200 841 "http://www.busty-brigitte.com/bbheaven/home.htm" "Mozilla/4.72 ( compatible; [de]; AOL 5.0; athome0107 )" 206.19.38.189 - 195050 [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.1" 200 841 "http://www.busty-brigitte.com/bbheaven/home.htm" "Mozilla/4.7 ( compatible; [jp]; Windows NT5.0; athome0107 )" 206.19.38.189 - 167123 [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.1" 200 841 "http://www.busty-brigitte.com/bbheaven/home.htm" "Mozilla/4.72 ( compatible; [dk]; Windows NT4.0; DigiExt )" 206.19.38.189 - 2alpha [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.1" 200 841 "http://www.busty-brigitte.com/bbheaven/home.htm" "Mozilla/4.73 ( compatible; [de]; Windows 98; DigiExt )" 212.160.144.100 - Moycos [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.7 ( compatible; MSIE 5.0; Windows NT5.0; NetCaptor )" 206.19.38.189 - 2bachman [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.1" 200 841 "http://www.busty-brigitte.com/bbheaven/home.htm" "Mozilla/4.73 ( compatible; MSIE 4.0; Windows 95; DigiExt )" 212.166.5.129 - Moycos [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.73 ( compatible; MSIE 4.0; Windows NT5.0; DigiExt )" 206.19.38.189 - 37239967 [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.1" 200 841 "http://www.busty-brigitte.com/bbheaven/home.htm" "Mozilla/4.7 ( compatible; [fr]; AOL 5.0; DigiExt )" 206.19.38.189 - 19indian [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.1" 200 841 "http://www.busty-brigitte.com/bbheaven/home.htm" "Mozilla/4.72 ( compatible; [jp]; Windows NT4.0; ezn IE )" 206.19.38.189 - 39501828 [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.1" 200 841 "http://www.busty-brigitte.com/bbheaven/home.htm" "Mozilla/4.73 ( compatible; [dk]; Windows NT5.0; DigiExt )" 211.43.23.10 - Mouse [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.0 ( compatible; MSIE 5.01; Windows NT4.0; DigiExt )" 212.138.47.12 - Movies [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.73 ( compatible; [dk]; AOL 5.0; NetCaptor )" 206.19.38.189 - 2110glen [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.1" 200 841 "http://www.busty-brigitte.com/bbheaven/home.htm" "Mozilla/4.6 ( compatible; MSIE 5.0; AOL 5.0; DigiExt )" 206.19.38.189 - 3221975 [12/Dec/2002:08:32:35 -0700] "HEAD /members/ HTTP/1.1" 200 841 "http://www.busty-brigitte.com/bbheaven/home.htm" "Mozilla/4.0 ( compatible; MSIE 5.01; Windows 98; DigiExt )" 206.19.38.189 - 39488083 [12/Dec/2002:08:32:35 -0700] "HEAD /members/ HTTP/1.1" 200 841 "http://www.busty-brigitte.com/bbheaven/home.htm" "Mozilla/4.0 ( compatible; MSIE 4.01; Windows NT5.0; DigiExt )" 206.19.38.189 - 36215308 [12/Dec/2002:08:32:35 -0700] "HEAD /members/ HTTP/1.1" 200 841 "http://www.busty-brigitte.com/bbheaven/home.htm" "Mozilla/4.72 ( compatible; MSIE 5.01; Windows 95; DigiExt )" 206.19.38.189 - 260651 [12/Dec/2002:08:32:35 -0700] "HEAD /members/ HTTP/1.1" 200 841 "http://www.busty-brigitte.com/bbheaven/home.htm" "Mozilla/3.01 ( compatible; MSIE 5.0; Windows 95; TWRAITH )" 206.19.38.189 - 242448 [12/Dec/2002:08:32:35 -0700] "HEAD /members/ HTTP/1.1" 200 841 "http://www.busty-brigitte.com/bbheaven/home.htm" "Mozilla/4.0 ( compatible; MSIE 4.01; Windows NT5.0; ezn IE )" is that site brute force attacking me? can someone tell me more? its kinda pissing me off, and what sux is that they are all different ips, so i cant just block the ip... :/ |
|
|
|
12-12-2002, 11:00 AM
|
#2 |
|
Confirmed User
Join Date: Apr 2002
Posts: 480
|
that is btw just a small part of the log, it goes from a-z and then 0-9 (the usernames)
|
|
|
|
|
12-12-2002, 11:07 AM
|
#3 |
|
Confirmed User
Join Date: May 2001
Location: Everville
Posts: 2,851
|
GET A LOG ANALYZER
|
|
|
|
|
12-12-2002, 11:08 AM
|
#4 |
|
So Fucking Banned
Join Date: Sep 2002
Location: AZN KLAN'S MAIN LAND
Posts: 1,527
|
you can contact me before you post it here.
i didn't mean to do it thou |
|
|
|
|
12-12-2002, 11:11 AM
|
#5 |
|
HAL 9000
Industry Role:
Join Date: May 2001
Posts: 34,515
|
join the paysite and see if he is giving access to his members in your own paysite!
http://www.busty-brigitte.com/prev/join.htm |
|
|
|
|
12-12-2002, 11:11 AM
|
#6 | |
|
Confirmed User
Join Date: Apr 2002
Posts: 480
|
Quote:
Im not saying anyone is doing anything, im just saying my server gets heavily loaded and post this log. |
|
|
|
|
|
12-12-2002, 11:15 AM
|
#7 |
|
HAL 9000
Industry Role:
Join Date: May 2001
Posts: 34,515
|
or as you said it might BF you
"http://www.busty-brigitte.com/bbheaven/home.htm" "Mozilla/4.7 ( compatible; MSIE 5.01; Windows NT4.0; DigiExt )" 206.19.38.189 - 050365 [12/Dec/2002:08:32:34 -0700] "HEAD /members/ HTTP/1.1" 200 841 hm the ip 206.19.38.189 is the official site of San Diego city |
|
|
|
|
12-12-2002, 11:20 AM
|
#8 | |
|
Confirmed User
Join Date: Apr 2002
Posts: 480
|
Quote:
but if you look at this part of the log: Code:
211.11.212.98 - Powers [12/Dec/2002:08:43:48 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.73 ( compatible; [en]; Windows 98; NetCaptor )" 211.20.122.86 - Powers [12/Dec/2002:08:43:48 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.6 ( compatible; [en]; Windows 98; FREEI v2.53 )" 200.29.20.232 - Pottss [12/Dec/2002:08:43:48 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.73 ( compatible; [jp]; Windows NT4.0; athome020 )" 210.248.31.162 - Powers [12/Dec/2002:08:43:48 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.73 ( compatible; MSIE 5.01; AOL 5.0; DigiExt )" 211.233.27.188 - Powers [12/Dec/2002:08:43:48 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.6 ( compatible; MSIE 5.0; AOL 5.0; FREEI v2.53 )" 210.248.226.226 - Powers [12/Dec/2002:08:43:48 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.73 ( compatible; [en]; Windows 98; DigiExt )" 210.249.37.66 - Powers [12/Dec/2002:08:43:48 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.6 ( compatible; MSIE 5.0; AOL 5.0; athome0107 )" 211.232.147.118 - Powers [12/Dec/2002:08:43:48 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/3.01 ( compatible; [fr]; Windows NT5.0; FREEI v2.53 )" 211.28.96.71 - Powers [12/Dec/2002:08:43:48 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.72 ( compatible; [de]; Windows 98; athome0107 )" 210.226.82.210 - Powerpc [12/Dec/2002:08:43:48 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.72 ( compatible; [jp]; Windows 98; ezn IE )" 212.208.183.189 - Pookie [12/Dec/2002:08:43:49 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/3.01 ( compatible; MSIE 4.01; Windows 98; MSNIA )" 211.33.197.243 - Powers [12/Dec/2002:08:43:49 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/3.01 ( compatible; MSIE 5.0; Windows NT4.0; FREEI v2.53 )" 212.160.144.100 - Powerup [12/Dec/2002:08:43:49 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.6 ( compatible; MSIE 5.0; AOL 5.0; FREEI v2.53 )" 211.9.128.182 - Powers [12/Dec/2002:08:43:49 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/4.72 ( compatible; MSIE 4.01; Windows NT5.0; DigiExt )" 211.72.119.156 - Powers [12/Dec/2002:08:43:49 -0700] "HEAD /members/ HTTP/1.0" 200 841 "http://www.teenchase.com/members/" "Mozilla/3.01 ( compatible; [en]; Windows NT5.0; DigiExt )" |
|
|
|
|
|
12-12-2002, 11:23 AM
|
#9 |
|
Confirmed User
Join Date: Nov 2002
Posts: 1,099
|
is it the new JesusBot in a betatest run?
__________________
dont look at this signature, Wildcard told me making money on GFY is baaaaaaaaaddd - so my sponsor links have been removed |
|
|
|
|
12-12-2002, 11:25 AM
|
#10 | |
|
So Fucking Banned
Join Date: Sep 2002
Location: AZN KLAN'S MAIN LAND
Posts: 1,527
|
Quote:
maybe, who knows ? I guess the Jesus group attck him |
|
|
|
|
|
12-12-2002, 11:32 AM
|
#11 |
|
Confirmed User
Join Date: Aug 2002
Location: Ask Stormy... :)
Posts: 182
|
Foz,
would you mind walking me through checking my own logs? Or does anyone know how to find out the same info Firefoz just found out? Any help would be appreciated. Smileygirls (Ravinwall)
__________________
<a href="http://www.stormyfriday.com" target="_blank"><img src="http://www.panchodog.com/graphics/stobutton.gif"></a> |
|
|
|
|
12-12-2002, 12:01 PM
|
#12 |
|
Confirmed User
Join Date: Apr 2002
Posts: 480
|
Ok im quite sure its a BF. Im not sure what im gonna do about it yet :/
|
|
|
|
|
12-12-2002, 12:23 PM
|
#13 |
|
Confirmed User
Join Date: Apr 2002
Posts: 480
|
I think i got a solution against BF attacks :D
i'll make it and post it later here. |
|
|
|
|
12-12-2002, 12:23 PM
|
#14 | |
|
Confirmed User
Join Date: Apr 2002
Posts: 480
|
Quote:
|
|
|
|
|
