Blog Tags: 

Some spam bots are human

Out of curiosity I've taken a look at what kind of spam is now getting through our automated defenses. I did a little digging and confirmed a long held suspicion.

In a nutshell, I've caught a 100% human spammer and thus verified that indeed there are people in China who's job it is to post comment spam on random websites.

The attack came from 120.43.13.81, a Chinese IP.

On Jan 12th 8:53:02 he first came to our site from Google. He was searching for:

"post new comment Create new account site:.org"

Landing page:

comment spam countermeasures (mollom, honeypots, hashcash, bad behavior)

The spam situation has recently gotten a bit out of hand and automated defenses have been giving in.

I've taken a close look at the problem and implemented a gauntlet of spam countermeasures that I'm hoping will give us back the upper hand for a while longer, without compromising on the user experience.

Previously, we only used mollom to filter out comments by anonymous users. This was easy to get around for two reasons:

Blog Tags: 

The DDoS spam bot from hell (a suburb of China)

Happy new year everyone,

I'm back online to put out a fire. My inbox was full of alerts that the CPU on the server that runs the site was maxing out.

Well boys and girls, it turns out www.turnkeylinux.org has been under an escalating distributed denial of service attack that started about two weeks ago. To the best of my knowledge the site continued operating normally. We use a ton of caching. Did any of you notice a slowdown?

Time for a human readable privacy policy?

Up until now TurnKey hasn't had an explicit privacy policy, and that seemed ok because no one ever asked about it. But now that the latest release integrates TurnKey appliances more closely with the TurnKey Hub (e.g., TKLBAM, geo-ip auto apt mirror) and the Hub gets access to sensitive data as part of its normal operation, I felt it was about time we gave this some more thought.

Headless PHP Drupal script deletes spam zombie user accounts

For for the last few months automatic bots have been creating hundreds of zombie accounts per day on the TurnKey web site. I'm not sure why they bother. I assume it has something to do with spamming, but they never log in. Besides, spam almost never gets past our content filter (Mollom) and when it does we always nuke it. Zero tolerance.

Brains...

Meanwhile these zombie accounts are polluting my precious database, and that bothers me. Besides, call me prejudiced, but I just hate zombies. You're either alive or you're dead. Pick a side!