Warning: mysqli::__construct(): (HY000/1203): User howardkn already has more than 'max_user_connections' active connections in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\includes\artfuncs.php on line 21
Failed to connect to MySQL: (1203) User howardkn already has more than 'max_user_connections' active connections
Warning: mysqli::query(): Couldn't fetch mysqli in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\index.php on line 66
Article <du5uuih5e5d4ugd7ru8oo0gb6ppenjrtdd@4ax.com>
Deutsch   English   Français   Italiano  
<du5uuih5e5d4ugd7ru8oo0gb6ppenjrtdd@4ax.com>

View for Bookmarking (what is this?)
Look up another Usenet article

Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: legg <legg@nospam.magma.ca>
Newsgroups: sci.electronics.design
Subject: Re: Chinese downloads overloading my website
Date: Mon, 11 Mar 2024 10:40:16 -0400
Organization: A noiseless patient Spider
Lines: 103
Message-ID: <du5uuih5e5d4ugd7ru8oo0gb6ppenjrtdd@4ax.com>
References: <7qujui58fjds1isls4ohpcnp5d7dt20ggk@4ax.com>	<6lekuihu1heui4th3ogtnqk9ph8msobmj3@4ax.com> <usec35$130bu$1@solani.org>	<u14quid1e74r81n0ajol0quthaumsd65md@4ax.com> <usjiog$15kaq$1@solani.org>	<t7rrui5ohh07vlvn5vnl277eec6bmvo4p9@4ax.com> <usm6v6$17e2c$1@solani.org> <usm96m$3fkqg$1@dont-email.me> <usmkb9$17l2r$1@solani.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Injection-Info: dont-email.me; posting-host="4bf5ccac6bd891d8f3c037dd4188dedd";
	logging-data="3857246"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX182d/kOvDAZlwelg6p2eDM1"
Cancel-Lock: sha1:1k8yh8FFPeDY6QGon7WM/Sl+Wko=
X-Newsreader: Forte Agent 4.2/32.1118
Bytes: 3986

On Mon, 11 Mar 2024 09:53:44 GMT, Jan Panteltje <alien@comet.invalid>
wrote:

>On a sunny day (Mon, 11 Mar 2024 06:43:34 -0000 (UTC)) it happened jim whitby
><mr.spock@spockmall.net> wrote in <usm96m$3fkqg$1@dont-email.me>:
>
>>You may find the file:
>>
>>/etc/hosts.deny
>>
>>useful in this case, you can block by name(s) or ip(s).
>>Man hosts,deny
>>for more info
>
>I wrote a small script years ago using Linux iptables to reject bad IP adresses.
>
>raspberrypi: ~ # cat /usr/local/sbin_pi_95/ireject
># this is called to add a input deny for an IP addres to ipchains,
># and save the configuration.
>
>if [ "$1" = "" ]
>then
>        echo "Usage: reject IP_address"
>        exit 1
>fi
>
># OLD ipchains
>##ipchains -A input -s $1 -l -j REJECT
>#ipchains -L
>##ipchains-save > /root/firewall
>##echo "reject: ipchains configuration written to /root/firewall"
>
>#iptables -A INPUT -s $1 -p all -j REJECT
>#iptables -A INPUT -s $1 -p all -j DROP 
>
>echo "executing iptables -A INPUT -s $1 -p all -j DROP"
>iptables -A INPUT -s $1 -p all -j DROP 
>
>echo "executing iptables -A OUTPUT -s $1 -p all -j REJECT"
>iptables -A OUTPUT -s $1 -p all -j REJECT
>
>iptables-save > /root/firewall2
>
>exit 0
>
>Therr is an other one 'load_firewall somewhere.
>raspberrypi: ~ # cat /usr/local/sbin_pi_95/load-firewall
>iptables -F
>#/sbin/ipchains-restore < /root/firewall
>/sbin/iptables-restore < /root/firewall2
>
>
>
>There were many many entries in /root/firewall back then, daily work to keep track of attacks.
>Now I am on a dynamic IP address and the website is handled by a company,
>saves a lot of time.
>
>Things evolve all the time, iptables sets this Raspberry Pi with 8 GB memory as router too,
>runs with a Huawei 4G USB stick with IP 192.168.8.100 for net connection, anywhere in Europe I think,
>an other script:
>
>raspberrypi: # cat /usr/local/sbin/start_4g_router
>#!/usr//bin/bash
>
>iptables -F
>
>route add -net 192.168.0.0/16 dev eth0
>
>echo 1 >/proc/sys/net/ipv4/ip_forward
>
>iptables -t nat -A POSTROUTING ! -d 192.168.0.0/16 -o eth1 -j SNAT --to-source 192.168.8.100
>sleep 1
>
>ifconfig eth0 down
>sleep 1
>
>ifconfig eth0 192.168.178.1 up
>sleep 1
>
>vnstat -i eth1 -s
>sleep 1
>
># default is set to 192.168.8.1, using 8.8.8.8 and 8.8.4.4 google name server lookup
>cp /etc/resolv.conf.GOOGLE /etc/resolv.conf
>sleep 1
>
># reduce swapping
>sysctl vm.swappiness=5
>
>echo "ready"
>
>
>There is more, but then again, things change over time too.

Blocking a single IP hasn't worked for my ISP.

Each identical 17G download block (262 visits)was by a new IP 
in a completely different location/region. 

Beijing, Hearbin, Henan, a mobile and a fifth, so far untraced 
due to suspension of my site.

RL