* * * * *

                     And here I thought web bots were bad

I suppose it was only a matter of time, but the bad web robot [1] behavior
has finally reached Gemini [2]. There's a bot out there that made 42,766
requests in the past 27 hours (so not quite one-per-second) until I got fed
up with it and blocked it at the firewall. And according to my firewall, it's
still trying to make requests. That tells me that whatever it is, it's
running unattended. And several other people running Gemini servers have
reported seeing the same client hammering their systems as well.

Now, while the requests average out to about one every two seconds, they
actually come in bursts—a metric buttload pops in, a bunch fail to connect
(probably because of some kernel limit) and all goes quiet for maybe half a
minute before it starts up again. Had it actually limited the requests to one
every two seconds (or even one per second) I probably wouldn't mind as much.

As it was though, quite a large number of the requests were malformed—it
wasn't handling relative links properly, so I can only conclude it was
written by the same set of geniuses that wrote the MJ12Bot [3].

Sigh.

On the plus side, it did reveal a small bug in the codebase [4], allowing
some of the malformed requests to be successful when they shouldn't have
been.

[1] gopher://gopher.conman.org/0Phlog:2019/07/09-12
[2] https://gemini.circumlunar.space/
[3] gopher://gopher.conman.org/0Phlog:2019/07/10.1
[4] https://github.com/spc476/GLV-1.12556/commit/42f7c6f51bb27ce527569ce0d50c4daf7dcaac44

Email author at [email protected]

You are viewing proxied material from gopher.conman.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.