strange MS visits

psema4 psema4-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Fri Dec 3 17:07:15 UTC 2004 

When I got in last night, I ran a traceroute on an IP that's been
trying to get into the member centers on my bbs.  Since those pages
are private, it begged the question, whois?

OrgName:    Microsoft Corp
OrgID:      MSFT
Address:    One Microsoft Way
City:       Redmond
StateProv:  WA
PostalCode: 98052
Country:    US  

Nice.  :(

On Fri, 3 Dec 2004 10:52:18 +0200 (IST), Peter L. Peres
<plp-ysDPMY98cNQDDBjDh4tngg at public.gmane.org> wrote:
> 
> 
> 
> On Wed, 1 Dec 2004, Austin wrote:
> 
> > Hmm, I'm having the weirdest thing going on with my website... maybe
> > someone can offer insight.
> >
> > I've had this address crawling all over my site lately, which is okay.
> > Recently it started visiting more often, and reloading the same pages
> > repeatedly.  By today, it was pounding two of my pages "recent posts"
> > and "leave feedback" form, several times per minute.  It's not really
> > consuming that much bandwidth, but it's filling up my logs with useless
> > quasi-spam.
> >
> > So guess who's IP it is?
> >
> > [austin at n1 rpm]$ whois 207.46.98.47
> > OrgName:    Microsoft Corp
> > OrgID:      MSFT
> > Address:    One Microsoft Way
> > City:       Redmond
> > StateProv:  WA
> >
> > So either the microsoft search bot is messed up treating my site like a
> > punching bag, or someone at MS is being a dick, or a machine at head
> > office has been compromised and is being used to do malicious stuff.
> >
> > I dunno, I guess it's a bit off topic, but I'd love to hear your ideas.
> >
> > Austin
> >
> > P.S.  It's a linux server, http://groundstate.ca running Drupal.
> 
> There are rumors that borg is collecting info on linux users and their
> habits in more than one place. It could be a bot programmed to make
> digests about users and activity, or a human borg extension doing the
> same. Time to password those pages imho. It could also be a borg employee
> looking after future employment security.
> 
> Peter
> 
> 
> --
> The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
>
--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml

More information about the Legacy mailing list