IWETHEY v. 0.3.0 | TODO
1,095 registered users | 1 active user | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

New Update.
I had a closer look at my iptables options and found TARPIT. Oooo... Unfortunately, I don't have the right kernel option installed. Drat. So I picked REJECT --reject-with icmp-host-unreachable. he he he he...

So they keep changing their source address. It's coming from somewhere in Russia. So now I'm filtering 91/8 and 89/8.

I wonder how long this will last...

Wade.

Q:Is it proper to eat cheeseburgers with your fingers?
A:No, the fingers should be eaten separately.
New Grr.
It's spreading. :-( Well, moving. The two Russian hosts aren't trying anymore, instead I've got a third in Turky, a fourth in Montreal and a fifth somewhere in the US Midwest. They've been blocked similarly.

My guess is someone has assembled a list of open resolvers and mine got on there. Now it's being distributed and people are using it. I might have to those dastardely resolutions, after all. That would still let anyone resolve my domain name but give them hell if they try to treat it as a open resolver...

Wade.

Q:Is it proper to eat cheeseburgers with your fingers?
A:No, the fingers should be eaten separately.
New Disable recursion?
If the only use is to resolve your domain, then disable recursive lookups for the internet at large. You can always make an exception for local hosts (assuming the addresses can be distinguished.)

Exact details depend on OS and DNS server version of course.
New I did that.
Or at least I think I did. I could see in tcpdump that they were getting "DNS Refused", but that wasn't enough to tell them to reconfigure their resolver. Using iptables to tell it the host isn't there seems to be working rather better.

I've taken to emailing the IP range owner (these email addresses *must* work: the IP registries get upset when they don't!). This also seems to stop things. On the most recent ones, I've asked them to also tell whoever they got the address.

Slowly but surely.

If I get bored of this, I *will* be setting up *. to resolve to some black hole.

Wade.

Q:Is it proper to eat cheeseburgers with your fingers?
A:No, the fingers should be eaten separately.
New Right, like I said ...
Cure mental image, annnnnnd ... you're welcome.
--

Drew
Expand Edited by drook July 31, 2010, 12:51:09 PM EDT
     DNS help. - (static) - (13)
         There is a good reference... - (folkert)
         resolve all the knob asks for to a porn site -NT - (boxley) - (6)
             A few more ideas (if you've got bandwidth to spare) - (drook) - (5)
                 :-D -NT - (Another Scott)
                 Great idea... - (static) - (3)
                     * -> goatse.cx -NT - (drook) - (2)
                         Ow. - (static) - (1)
                             Great name for a college band: Dastardly Resolutions - (drook)
         Update. - (static) - (4)
             Grr. - (static) - (3)
                 Disable recursion? - (scoenye) - (2)
                     I did that. - (static) - (1)
                         Right, like I said ... - (drook)

The ice cream truck in the neighborhood plays "Helter Skelter".
92 ms