Ravens PHP Scripts: Forums
 

 

Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.5.x
slackervaara
Worker



Joined: Aug 26, 2007
Posts: 236

Posted: Sun Nov 11, 2007 10:54 pm

I have just installed Sentinel and I have just got this strange blocking with Sentinel 2.5.13:

Date & Time: 2007-11-12 00:54:12 CET GMT +0100
Blocked IP: 66.249.72.47
User ID: Anonym (1)
Reason: Abuse-Script
--------------------
User Agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Query String: mysite.com/modules.php?name=Forums&file=posting&mode=quote&p=56484&sid=39fe71c6f116a064e9e4710cc0f7997d">casino</a>
Get String: mysite.com/modules.php?name=Forums&file=posting&mode=quote&p=56484&sid=39fe71c6f116a064e9e4710cc0f7997d\">casino</a>
Post String: mysite.com/modules.php
Forwarded For: none
Client IP: none
Remote Address: 66.249.72.47
Remote Port: 32996
Request Method: GET

The IP-address looks like Google, but the query string is strange ending with:
=quote&p=56484&sid=39fe71c6f116a064e9e4710cc0f7997d">casino</a>
 
evaders99
Former Moderator in Good Standing



Joined: Apr 30, 2004
Posts: 3221

Posted: Sun Nov 11, 2007 11:54 pm

It does seem to be a Googlebot IP.

It's a possibility that a spammer is writing out such links to post spam on your site. I don't see how this would work unless the subject and topic variables were written correctly. Could be a proof-of-concept or a typo.

_________________
- Star Wars Rebellion Network -

Need help? Nuke Patched Core, Coding Services, Webmaster Services 
slackervaara







Posted: Sun Nov 11, 2007 11:58 pm

Thanks! Should I unblock this IP-address in Sentinel? Is it safe?
 
Susann
Moderator



Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support

Posted: Tue Dec 18, 2007 7:16 pm

I would unblock the IP. You can add Casino into the string blocker if required.
Google's NetRange is: 66.249.64.0 - 66.249.95.255
While this is a faked Google bot:

Gesperrte IP: 62.28.18.*
Benutzer-ID: Anonymous (1)
Grund: Abuse-Filter
--------------------
User-Agent: Googlebot/2.1 (+http://www.google.com/bot.html)
Query-String: mysite.de/index.php?newlang=http://288472.cnc-us1-g2.dns.com.cn/.../safe.htm?
Get String: mysite.de/index.php?newlang=http://288472.cnc-us1-g2.dns.com.cn/.../safe.htm?
Post String: mysite.de/index.php
Weitergeleitet für: none
Client-IP: none
Entfernte Adresse: 62.28.18.238
Entfernter Port: 19832
Anfrage-Methode: GET
 
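The comparison made in the two notices above, as an added example that is not part of the original thread or of NukeSentinel's code: it parses a block notice (English or German labels), and checks whether a request claiming to be Googlebot comes from the NetRange quoted in the post. The function names, result labels and the abridged sample records are assumptions made for illustration.

```python
import ipaddress
import re

# NetRange quoted in the post above (2007); treat it as an assumption today.
GOOGLE_NETS = list(ipaddress.summarize_address_range(
    ipaddress.ip_address("66.249.64.0"), ipaddress.ip_address("66.249.95.255")))

# NukeSentinel notices are localized; map the English and German labels seen
# in this thread to common field names (hypothetical names, chosen here).
LABELS = {
    "user agent": "ua", "user-agent": "ua",
    "remote address": "addr", "entfernte adresse": "addr",
    "reason": "reason", "grund": "reason",
}

def parse_notice(text):
    """Turn one 'Label: value' block notice into a dict of known fields."""
    fields = {}
    for line in text.splitlines():
        label, sep, value = line.partition(":")
        key = LABELS.get(label.strip().lower())
        if sep and key:
            fields[key] = value.strip()
    return fields

def classify(notice):
    """Return 'not-googlebot', 'googlebot-in-range' or 'spoofed-googlebot'."""
    f = parse_notice(notice)
    if not re.search(r"googlebot", f.get("ua", ""), re.I):
        return "not-googlebot"
    try:
        addr = ipaddress.ip_address(f.get("addr", ""))
    except ValueError:
        return "spoofed-googlebot"  # no usable source address: do not trust the UA
    in_range = any(addr in net for net in GOOGLE_NETS)
    return "googlebot-in-range" if in_range else "spoofed-googlebot"

# Records abridged from the two notices in this thread.
NOTICE_EN = """Reason: Abuse-Script
User Agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Remote Address: 66.249.72.47"""
NOTICE_DE = """Grund: Abuse-Filter
User-Agent: Googlebot/2.1 (+http://www.google.com/bot.html)
Entfernte Adresse: 62.28.18.238"""

if __name__ == "__main__":
    for n in (NOTICE_EN, NOTICE_DE):
        print(parse_notice(n)["addr"], classify(n))
```

An in-range result only says the source address matches the quoted range; the requested URL can still be one the crawler picked up from a spam link, as in the first notice.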
lonk
Regular



Joined: Aug 04, 2006
Posts: 64

Posted: Fri Feb 15, 2008 1:10 am

There was an attack that used Google. Google said they had fixed this type of attack, but I guess not. I might still have the how-to on how to do it. It's how they defaced my old phpnuke website. Please understand that I will only send this to the Raven team. I am sure you can understand why.

Thanks
Lonk
 
All times are GMT - 6 Hours
 