NBA All-Star Saturday

Thoughts on the All-Star Saturday:

3 Point Shootout: Yes! Dirk did it! Finally an NBA All-Star trophy for Dirkules. Very much deserved, although he sneaked his way into the final (his last shot in the first round probably was still in his hand as the horn sounded?!)

Shooting Stars: The only thing that pwned San Antonio’s performance was Kobe’s nothing but net shot from midcourt (alright, Tony Parker’s bank shot was sweet, too…but not as good as that shot).

Dunking Contest: Sorry Mr. Iguodala, but you’ve been owned. I guess there’s no question that his dunk from behind the backboard was THE best single dunk in the competition (!), but that was the first round and his dunks in the finals just weren’t all that creative…unlike Nate Robinson’s dunks which weren’t working on the first try, or the second or the tenth for that matter, but at least he did something new (can you say double cross-leg in mid-air pass to the backboard + slam!)…so don’t whine. Maybe that’ll teach you a lesson: don’t use your best dunk in the first round…I guess there’s no question that he would have won it, if he had done the behind the backboard dunk in the finals…

Skills Challenge: Congrats Flash! A nice performance, although I would have loved to see LeBron take it, sorry ;-)

Finding the culprit

So I had a look at the server logs and stats today and noticed a huge increase in both incoming and outgoing traffic. What hit my eye immediately was the sheer amount of nearly 240GB used yesterday. As I browse through the stats to find the request using the most bandwidth I find links to numerous Japanese forums – and guess what I find in those threads, yes, pr0n. Not that I’ve got a problem with that, what I’ve got a problem with though is the fact that they are exploiting a loophole in one of my proxies.

Usually it’s quite easy to figure out that you’re getting hotlinked and the solution is easy, three lines of mod_rewrite goodness and you’re done. Now I was facing another variant of the same problem. Let me explain:

The proxy shows a URL in the form of http://www.proxytastic.com/index.php?q=randomString once you surf via the web interface. Now this URL can be any type of thing (html, php, gif, jpg, flash, …) so they were just using that fact to their advantage: … img src = “http://www.proxytastic.com/index.php?q=randomString ….

Now that I noticed that I just block all direct access to such URLs via an HTTP Referer rule…so no more bandwidth theft, use my site, enjoy and watch some ads, damn it ;-)
On another note: good thing that I’ve got a contract with unlimited bandwidth, if not, this would have been an expensive loophole…

Edit: It seems that the rewrite solution isn’t working out too good…need to figure out something better, maybe IP blocking…
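
The log review described in this post, written out as an added example (not code from the original post): it sums the bytes served for proxied URLs of the form /index.php?q=… per Referer host in an Apache combined-format access log. The log lines are constructed samples, and the combined log format and the bare-domain alias in OWN_HOSTS are assumptions.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

OWN_HOSTS = {"www.proxytastic.com", "proxytastic.com"}  # host from the post; bare-domain alias is assumed

# Apache "combined" format: ip - user [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'^\S+ \S+ \S+ \[[^\]]+\] "\S+ (?P<target>\S+) [^"]*" '
    r'\d{3} (?P<bytes>\d+|-) "(?P<referer>[^"]*)" "[^"]*"$'
)

# Constructed sample lines (documentation IP ranges, .example referrers).
SAMPLE_LOG = """\
203.0.113.5 - - [01/Jan/2000:10:00:01 +0000] "GET /index.php?q=aaa HTTP/1.1" 200 480000 "http://bbs-one.example/thread/12" "Mozilla/5.0"
203.0.113.9 - - [01/Jan/2000:10:00:02 +0000] "GET /index.php?q=aaa HTTP/1.1" 200 520000 "http://bbs-one.example/thread/12" "Mozilla/5.0"
198.51.100.7 - - [01/Jan/2000:10:00:03 +0000] "GET /index.php?q=bbb HTTP/1.1" 200 30000 "http://www.proxytastic.com/index.php?q=ccc" "Mozilla/5.0"
198.51.100.8 - - [01/Jan/2000:10:00:04 +0000] "GET /index.php?q=bbb HTTP/1.1" 200 15000 "-" "Mozilla/5.0"
203.0.113.20 - - [01/Jan/2000:10:00:05 +0000] "GET /index.php?q=ddd HTTP/1.1" 200 250000 "http://bbs-two.example/view?id=3" "Mozilla/5.0"
198.51.100.7 - - [01/Jan/2000:10:00:06 +0000] "GET /style.css HTTP/1.1" 200 4000 "http://www.proxytastic.com/" "Mozilla/5.0"
"""

def referer_class(referer):
    """Bucket a Referer value: missing, own site, or the external host."""
    if referer in ("", "-"):
        return "(none)"
    try:
        host = (urlsplit(referer).hostname or "").lower()
    except ValueError:
        return "(unparseable)"
    if host in OWN_HOSTS:
        return "(own site)"
    return host or "(unparseable)"

def bandwidth_by_referer(lines):
    """Sum response bytes for proxied URLs (/index.php?q=...) per Referer bucket."""
    totals = Counter()
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a combined-format line
        url = urlsplit(m["target"])
        if url.path != "/index.php" or "q" not in parse_qs(url.query):
            continue  # only the proxy endpoint described in the post
        totals[referer_class(m["referer"])] += 0 if m["bytes"] == "-" else int(m["bytes"])
    return totals

if __name__ == "__main__":
    for bucket, size in bandwidth_by_referer(SAMPLE_LOG.splitlines()).most_common():
        print(f"{size:>10}  {bucket}")
```

The "(none)" bucket is worth watching before tightening a Referer rule: some clients send no Referer at all, so a rule that rejects an empty header also turns away those visitors.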