Knock it off!
Hey, can the folks at 132.3.57.68 , which seems to be an Air Force network operations center, please stop hammering my blog? Not sure what y’all are looking for or trying to do here, but if you would contact me directly, I’d be happy to help you out. In the mean time, though, my web host would really appreciate it if you’d stop doing all the aggressive GETs on my site. It’s playing havoc with their servers.
Thanks!
UPDATE: Hey, it seems like someone in 754th Electronic Systems Group is taking an extreme interest in this blog for some reason. From public records, someone in either Montgomery, Alabama, or Henderson, Nevada, or Colorado Springs, Colorado. But, I still have no idea why they’d be interested in this blog. Anyone have any ideas?
The possibilities are endless…
1. The folks at Creech AFB, also in NV, were having problems with a virus. Their systems were supposedly “off the ‘Net” but perhaps the virus found a Bluetooth connection somewhere. What makes that possibility worrisome is that the computers in question were connecting pilots with the UAV drones over Afghanistan (and points nearby). Then again, they cook a LOT of tungsten in Henderson.
2. Maybe someone in 754 ESG has built has built a cluster for gathering intelligence like that supposedly rogue cluster of IP addresses in China. It would be an homage to the Chinese but then one can always find the “really good” ideas in computing (and intelligence, it seems). They get get stolen, copied or… well, licensed… eventually.
3. Most likely? Something at 754 ESG got pwned!
What got them interested in YOU is anybody’s guess. Other than being a connoisseur of interesting geekery, you seem pretty ordinary.
~Speaker
Comment by DJ Brown — 2/7/2012 @ 9:02 am
I suspect that it’s not a virus. From the logs, which I didn’t share, it looks like a valid webcrawler of some kind.
Not to brag or anything, but, in the past, this blog has been pretty popular with government sysadmins. I used to manage some fairly large Novell networks and many sections of the U.S. government still run Novell servers. In fact, until about two years ago, I used to get approached pretty regularly for government jobs and contracts because of my Novell experience.
I suspect one of two things. Either they’re watching my blog due to the fact that I talk about security and security violations on a regular basis, or the government sysadmins find my blog useful because I tend to work on a shoe-string budget, too. And, since I believe in the dictum that one should never suspect malice when simple selfishness and carelessness are more likely explanations, I think someone is archiving and crawling my site without realizing the spike they’re generating on my web hosts servers.
Comment by the Network Geek — 2/7/2012 @ 10:53 am