Well it seems at some point China has decided they don’t like me, and they are now DDOS’ing my server… Or they have some bot net that is OBSESSED with Windows NT 3.1 servicepack 3 for the i386…
So as much as I don’t want to, I’ll end up blocking China, Taiwan, Hong Kong from my server…. Oh well.
One can only speculate what on earth they find so interesting.
If anyone is interested, you can find a script here, that’ll add a list of IP addresses into a block list for IIS.
Then it’s just a matter of downloading a table of IP addresses. I’m using these guys right now… I just downloaded the csv version, ran it through access, and used that to create some queries for some tables, then ran that data through some minor C program I ended up writing to massage the netmasks into something the script would like. It’s not “nice” but it works. Then afterwards since they keep on downloading the same file, I just extract my IIS logs into access which has the IP address set as a primary key, then I’m just making /24’s of each one that does so….
Sigh, I don’t get why they are doing it, but they are getting a whole lot of 403’s now.