Kjartan Mannes

Arg. I just blocked some IP addresses on the firewall that were hammering my web servers. There are too many of the IIS bugs that people are trying to exploit, and they just do not seem to get it that it won’t work on Apache. Its annoying and a waste of server power and bandwidth. At one point, I was seeing 40 requests for bogus pages per second. It doesn't bother me to have a lot of visitors, but when most of them are asking for script/../../cmd.exe like URLs then I get frustrated.

Now I blocked the more persistent IPs and contacted the owners if the IP blocks to have them look over their security. This problem was worse when CodeRed and other trojans/viruses were first released, but it is still a constant problem. I fear it will get gradually worse over the next few years as more people get broadband and leave their computers hooked up to the internet all the time.