Re: CLPM Daily Crime Report

From: Sherm Pendley (spamtrap_at_dot-app.org)
Date: 06/28/04 

Date: Mon, 28 Jun 2004 17:57:42 -0400

Purl Gurl wrote:

> Stalking is a serious crime, at state and federal level.

Yes, it is. However, nothing in the server log you posted proved stalking.
The only thing shown by that log is a misuse of the image on your site.
Copyright infringement (if you own the copyright) and theft of bandwidth,
nothing more.

> Those hits began when I announced _here_ I was no
> longer dropping connections. Once sufficient numbers
> of readers became aware, hits exponentially increased,
> finally being shut down at twelve-thousand hits.

It only takes one entry in a LiveJournal blog to generate that effect. One
entry with an image, and then all of those image aggregators copy the <img>
tag.

Try it for yourself if you won't take my word for it. Create a LiveJournal
blog, and then create a blog entry with an image link in it. Presto, all of
those image collector bots will mirror the image link.

> This trick of using search engines, or posting links,
> is an impotent attempt to conceal crime committed
> by a majority here, who are mentally ill criminals.

That's why I suggested that you look in your logs for referrers directly
from livejournal.com. What you're seeing, if it's intentional, is a DDOS
attack; because of the image collector sites, a single post of an image
link can result in many thousands of hits to the target server.

Making blanket accusations targeting everyone in this group won't help.
Well, it might be cathartic and help ease tension for you, but it won't
help solve the actual problem.

To solve the problem, you need to have a look through your server logs for a
referrer from livejournal.com - that will be the original journal entry
that the others are mirroring. Look at the dates and times of the entries
for that user, and compare them to the dates and times of the bursts of
traffic on your server.

> I have presented a number of case examples by making
> announcements here and only here, then providing
> documented results for you to weigh.

That supports your theory that someone here is the root cause, but not your
theory that many or most of the group is at fault. It wouldn't take a lot
of people to create the patterns you see here - just one person posting
links to a blog.

> Bottom line, there are lots and lots of mentally ill
> criminals in the Perl Community who have stalking and
> harassing our family, for years.

Once you've figured out whose blog is the root cause, the next step is to
figure out their motive. It might be exactly what you think it is - a
disturbed individual attacking your server. Or it might be someone who
liked an image on your site and uses it as a logo for their blog entries.

> You read a recent implied death threat, a bullet to
> the head. That is serious.

I interpreted that as a joke. A joke in poor taste, yes, and offensive, but
nothing that could be taken as a literal threat to your life.

> We are under no obligation to share any information with
> the Perl Community.

And we are under no obligation to believe you or take your allegations
seriously. Nonetheless, I am attempting to take it seriously and help you
investigate it as such.

So far, what information you have shared has indicated a misuse of one of
the images on your site in someone's blog. That, in turn, led to many blog
image collectors hitting your site, creating the traffic bursts you've
documented here.

Nothing you've shown so far has conclusively proven a link between the
attacks and anyone here, much less the whole group. In fact, nothing you've
shown here has proven that the traffic bursts you're seeing are the result
of malicious attacks. Judging by what you've posted here, it's equally
possible that someone could be using your image in the blog without even
being aware that what they're doing is causing you such distress.

sherm-- 

-- 
Cocoa programming in Perl: http://camelbones.sourceforge.net
Hire me! My resume: http://www.dot-app.org

Relevant Pages

  • Re: Exchange Front-end/Back-end question
    ... Ben Winzenz ... Read my blog! ... out to the Internet). ... create a static route to make sure that the server knows how to ...
    (microsoft.public.exchange.admin)
  • Re: Receiving a File Replication Service error on 2 DCs.
    ... List of domain controllers with accounts in the domain: ... BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx ... * This posting is provided "AS IS" with no warranties and confers no rights! ... Server then drivers are loaded and then it comes up online after a reboot. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Receiving a File Replication Service error on 2 DCs.
    ... on all domain controllers last week. ... BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx ... To migrate a domain controller, reboot the server, press F8 ... boot to Directory Services Restore Mode, and launch the SMP – ...
    (microsoft.public.windows.server.active_directory)
  • CORRECTION: WSS FAQ additions and changes - *12th - 18th* Febuary 2007
    ... (This is also posted to my blog at http://mikewalsh.bilsimser.com) ... in a Windows SharePoint Services 3.0 Web site by using an RSS reader ... Office 2007 Server Products ... Search for Microsoft Office SharePoint Server 2007 ...
    (microsoft.public.sharepoint.windowsservices)
  • Re: Errors during DTS package
    ... indicate a major problem. ... The server log is just ... >index corruption within SQL Server. ...
    (microsoft.public.sqlserver.server)