dstiles - 10:02 pm on Aug 21, 2010 (gmt 0)
People are reluctant to disclose this kind of information as the bad guys may be watching.
Basically, kill server farms and clouds (by IP), allowing only known good bots in. Use a country-based IP database to ban countries. Look carefully at user-agents and headers to anticipate new problems.
And read the back numbers of this forum. :)
As I noted in another topic, in the UK we get FAR more "illegal" accesses from the USA than from our own country. Which is logical given the larger numbers involved. proportionally there are potentially a lot more USA users with contaminated computers and the country also has a lot of serverfarms / clouds. Add the willingness of some net block operators to hire out to the bad boys. Which isn't to say we don't have that problem in the UK, just that the problem is smaller due to lower population and resources.
If they are real people looking at your site then I wouldn't worry.
If you're not trading in the countries you mention then block them: in particular a lot of bad stuff comes from China, Korea, Vietnam, Indonesia, Russia, Ukraine, Romania... It's a long list. :(
As to Kosmix, if you're trading in USA then allow it. I haven't had any bad experiences with it here (UK) and it's not a frequent visitor (to me) in any case (11 hits so far this month across a few dozen sites). If you're not in the USA then block it.