Friday, June 12, 2015

Hacking Back

I think that it is obvious to all that I've been at sixes and sevens of late with regard to this blog: no sense of direction, posts all over the place, stuff I keep promising not appearing - that in-depth look at Mondo Movies, for instance.  This, in large part, is down to me trying to juggle several things at once - that long-mooted schlock movie blog, devising new strategies to prop up traffic over at The Sleaze, tracking down and watching obscure films, mulling over whether to go ahead with a new podcast series.  However, I have at least dealt with one pressing problem: that bloody persistent Ukrainian hacker who keeps launching brute force attacks against The Sleaze. I mentioned him a couple of months ago - he's the incompetent who can't even find the correct address for the login page, hitting a non-existent page instead.  Last time he spent the better part of 48 hours hammering my site with an automated script trying to break in by trying combinations of guessed passwords and user IDs, except that he'd pointed the script at the wrong page.  Undeterred, he kept going even after I'd blocked his IP address.  The trouble is that, whether he was hitting a non-existent page or being bounced off the site, it was eating up my bandwidth and slowing the site down.

Anyway, he came back mid-week (the IP address was from the same range and ISP as the one I had banned) and started hammering away at the non-existent login page (he just doesn't learn).  Again, I blocked his IP, but he just got ever more aggressive, upping the tempo of his script to attack the site every second or so.  Suddenly a solution occurred to me: as the page he was hitting didn't exist, I could safely put a redirect on it and, as I had his IP address from my server logs, it seemed obvious that that should be the destination of the redirect.  Which meant, in practice, that I was looping his attacks back against him: every time he hammered my site, he was also hitting himself.  Not surprisingly, within five minutes of setting up the redirect and lifting the block on his IP address, he ceased and desisted his activities.  And he hasn't been back.  So far.  Hopefully he's finally learned something - some of us site owners bite back.  Not that this victory means that I can afford to get complacent about the threat posed by these bastards - I've also activated various other security precautions to foil their activities.  Which seem, so far, to be working - there's been a significant drop in the volume of brute force attacks on my login since I put these measures in place.

As for the other things distracting me - well, traffic to The Sleaze has had a temporary boost by changing tack with the stories.  After a long string of political satire stories throughout the general election, which only did middling business traffic-wise and a couple of politics-related stories post-election which performed disappointingly, I put up a silly conspiracy story about the 'Titanic' and hit the jackpot.  It's always the way - those lovingly crafted witty and intellectual satire pieces are always outperformed by smut and conspiracies.  The success of the 'Titanic' story pretty much vindicates my recent decision to change direction with stories over at The Sleaze - less politics for a while and a return, instead, to the kind of weird and surreal stuff which used to dominate the site.  Away from The Sleaze, I'm still working on that new schlock site, although the obscure movie watching is on a bit of a hiatus at the moment: not only have I recently OD'd on Mondo movies, but I need a breathing space to start writing up some of the stuff I've seen.  On a related note, I'm still mulling over a schlock movie podcast to accompany the new site.  Hopefully I can get a bit more focussed here, as well.

