[KLUG Members] Chasing people down.

[Adam Bultman]

Thank you, Adam.  I'll try that.  I get logs of nice IP addresses, and
referrers, to boot. I'll see what I can do, although a LOT of the
addresses don't have anythning when I do a 'host n.n.n.n" request.

I'll keep everyone postsed, if they want.

-- 
Adam Bultman
adam@glaven.org
[ http://www.glaven.org ]


On Fri, 28 Jun 2002 adam@morrison-ind.com wrote:

> >Okay. I've posted this to another listserv, but I think it has too small
> >of a knowledge base. Or, failing that, too small a base of people who
> >don't filter me. <pause for laughter>
> >Anyway, you all probably remember my two servers getting used as proxy
> >story, so I submit to you: How do I track these people down?  I still run
> >tail -f 's on the access logs, and I still get enough hits to have almost
> >a constantly scrolling list go by.  My questions are:
> >1.  How do I find out if someone is using (or attempting now) to use my
> >server as a free proxy?  Excuse me:  How do I find WHO is using me?
>
> Your proxy is available from the Internet?!  If you see log entries traceroute
> back to the source address,  reverse lookup on the address,  lookup the domain
> in whois, and contact their administrative contact.
>
> > 2.  How do I find out if it's a site using me, or a person (i.e. a port/ad
> > site or just a few people using me as a personal proxy?)
>
> If it is always the same request I doubt it is a human user.
>
> >I've tried contacting one of the larger companies with users who are
> >hitting me, but despite the helpdesk's nice words (oh, trust me, the abuse
> >line is very quick) I have yet to get responses.  So, I guess my main help
>
> Screw the help desk, whois contains contact info.  If no satisifaction have your
> lawyer call and mention compenstation for bandwidth consumption.
>
>
>
>
> _______________________________________________
> Members mailing list
> Members@kalamazoolinux.org
> 
>