Well it looks like I’m popular in China again.

China & Technology

China & Technology

This time I’ve had over 1,400 Windows 2000 users with IE 6.0 download the ‘full’ binary build of Qemu 0.14.0 – – [12/Mar/2011:23:53:33 +0000] “GET /install/qemu-0.14.0.zip HTTP/1.1” 200 13320793 “-” “Mozilla/5.0 (compatible; MSIE 6.0; Windows NT 5.0)”

Like this….

# cat install-access.log|grep ‘ MSIE 6.0; Windows NT 5.0’ | wc -l

Honestly I don’t see why they do it, so I’ve pulled the download. I really don’t see the appeal of it, and most anyone who cares about Qemu will be using the x86/x86_64 stuff anyways.

DDOS fun…

Well it seems at some point China has decided they don’t like me, and they are now DDOS’ing my server… Or they have some bot net that is OBSESSED with Windows NT 3.1 servicepack 3 for the i386…

So as much as I don’t want to, I’ll end up blocking China, Taiwan, Hong Kong from my server…. Oh well.

One can only speculate what on earth they find so interesting.

If anyone is interested, you can find a script here, that’ll add a list of ip addresses into a block list for IIS.

Then it’s just a matter of downloading a table of ip addresses. I’m using these guys right now… I just downloaded the csv version, ran it through access, and used that to create some queries for some tables, then ran that data through some minor C program I ended up writing to massage the netmasks into something the script would like. It’s not “nice” but it works. Then afterwards since they keep on downloading the same file, I just extract my IIS logs into access which has the ip address set as a primary key, then I’m just making /24’s of each one that does so….

Sigh, I don’t get why they are doing it, but they are getting a whole lot of 403’s now.