Domain: neilgunton.com
Stories and comments across the archive that link to neilgunton.com.
Comments · 14
-
Zombie spambots are attacking my site as we speak
Funny this story should come up today. My community website has been getting attacked for the last couple of days by a botnet (I think) of zombie computers. I wrote the Spambot Trap article that was published here in 2002, and I've been using the trap successfully to block spambots ever since. Usually, the block list is a couple of dozen repeat offenders. But day before yesterday, it suddenly spiked up - there were dozens of spambots coming in from all kinds of different IP addresses. I'm pretty sure it's a botnet of zombies, because a) they all report exactly the same User-Agent, and b) they all come in directly to the guestbooks and forums (probably using a search engine) and c) all the IP addresses resolve to dialup, cable or DSL accounts (some businesses too). It's getting a bit much, because the block list has suddenly ballooned to over 160, constantly changing. The trap is coping ok, because the blocks will fall off after a while (the block time goes up as the power of 2 for each repeated offence). I have added some logfile snapshots to the article. (Look down the page to see how the number of blocks has suddenly increased in the last couple of days, and also notice how all the browsers are identical). I think this is some kind of virus that may still be spreading, because the number is only increasing.
Anybody else seeing this kind of stuff happening? -
Zombie spambots are attacking my site as we speak
Funny this story should come up today. My community website has been getting attacked for the last couple of days by a botnet (I think) of zombie computers. I wrote the Spambot Trap article that was published here in 2002, and I've been using the trap successfully to block spambots ever since. Usually, the block list is a couple of dozen repeat offenders. But day before yesterday, it suddenly spiked up - there were dozens of spambots coming in from all kinds of different IP addresses. I'm pretty sure it's a botnet of zombies, because a) they all report exactly the same User-Agent, and b) they all come in directly to the guestbooks and forums (probably using a search engine) and c) all the IP addresses resolve to dialup, cable or DSL accounts (some businesses too). It's getting a bit much, because the block list has suddenly ballooned to over 160, constantly changing. The trap is coping ok, because the blocks will fall off after a while (the block time goes up as the power of 2 for each repeated offence). I have added some logfile snapshots to the article. (Look down the page to see how the number of blocks has suddenly increased in the last couple of days, and also notice how all the browsers are identical). I think this is some kind of virus that may still be spreading, because the number is only increasing.
Anybody else seeing this kind of stuff happening? -
Re:PHP != Crap Code
You're right, I did have to code the URL generation routine myself... but the code itself is really trivial (the hard part was thinking of the right way to do it), and yes, it is very portable to other contexts. I also think that the arguments for Java solutions can be applied equally to LAMP, particularly Perl, largely because of the existence of CPAN. I can code up some very powerful stuff very rapidly because just about anything you might need to do is probably already up on CPAN as a module. However that's another (probably endless) discussion - I think which language to use is a matter of taste and style, if you know what you're doing then you can write scalable apps in most any of them.
The stuff I did in Perl isn't really onerous at all, at least no more than any other framework out there, with the added benefit that I have full control over its behavior, and I don't inherit a lot of bloat that I don't need. Making sure to call a particular routine whenever you want to generate a link isn't hard, and as a whole it was fun to do... I keep thinking I should write this stuff up, because I don't think I've seen this approach talked about much (if at all - about all you see is the talk of using a reverse proxy, which itself is more than most people seem to be aware of)...
Ironically, I was driven to do this work with reverse proxies after my first slashdotting - the mod_perl backend was getting hit for every request, and about 40,000 people came to visit! ;-O
http://www.neilgunton.com/spambot_trap/
Subsequent slashdottings have been no problem, though they haven't actually hit crazyguyonabike itself (yet...)
Fun stuff! :) -
Making them Pay
How about Stopping Spambots?
-
Re:Summary
Subjective reasoning is not evidence. Sorry, try again.
The reality of what tends to happen is that very few people ever actually read the source code of OS products, much less modify it. And if the bug happens to get past the original developers, there is very little chance that a stranger to the code will find it. Thus we come back to the traditional model of reporting "I'm having this problem" and the developers responding, "Sorry, that's a bug. We'll fix it when we get a chance." (Actually, developers are rarely that polite, but you get the idea.)
Reference:
http://www.neilgunton.com/open_source_myths/#under _the_hood
http://discuss.fogcreek.com/joelonsoftware/default .asp?cmd=show&ixPost=139833
http://www.onlamp.com/pub/a/security/2004/09/16/op en_source_security_myths.html -
Goodbye Google?
This may be a little off-topic, but it's been on my mind recently so I thought I'd mention that I recently blocked Googlebot from my website. Why? Because they were using a new version of the bot that was requesting pages WAY too rapidly, as in tens of pages every second. This new version pretends to be a "real" browser (using the "Mozilla (compatible)" format). The old version (User-Agent begins with "Googlebot") was also present, and requesting pages politely. I think this new version was part of their recent effort to regenerate their index and "deep scan" websites, because it was shortly after this that they advertised their index doubling in size.
There were other issues as well as the rapacious spidering (which reminded me of some of the worst spambots out there), but I won't go into the details here. I didn't get any satisfactory resolution from Google when I tried contacting them.
Website suicide? I don't know. All I do know is that Google seems to be fulfilling my biggest fears - they are going downhill as they get bigger. Funny how the bigger a company gets, the more it tends to suck. Also, having an IPO is never a good thing, in my experience - it always leads to short-termism and corporate decisions based more on the bottom line than what's actually good for the users. Sure, any company has to look after its shareholders and investors, but they never seem to really grok that being so focused on the short-term negatively impacts things in the longer term, particularly if it loses you goodwill in the userspace. Also, as a company grows you do tend to get the sort of braindead, clueless decisions coming out that we apparently see here.
So now we have Google restricting what we can do with old Usenet posts... didn't they buy up all the archives for this stuff a while back? This would appear to give them some amount of power, but also (they should realize) responsibility as stewards of the past. This is not something that they are simply indexing on someone else's website, it's data that they actually own. But in this case it's not really their data at all - it's the community's.
Google seems to be slowly using up the goodwill they built up since 1998 when they came onto the scene, a small, fast, simple, charming and relevant search engine that kicked ass. Why can't a company just keep doing what it does well, and be satisfied with that? Why does everything have to eventually grow, expand, gobble up other companies, and then inevitably start to suck?
Never mind... for now, Goodbye Google. -
I hate the particular page, it's old FUD.Hello, Neil, I'm one of the kinds of people who perpetuate your "myths". You should spend more time on a Linux desktop or reading about free software. A nice little KDE 3.2 desktop will take some of the scales out of your eyes. Reading a few pages at the free software foundation, will show you that you are treading very old ground. In the mean time, I'll be happy to take on your list one, one by one.
- "Don't complain." Sure, complaining is not criticism or bug report filing. People should not complain about free software any more than they should look any other gift horse in the mouth. Bug reports and constructive email rock. People should not be encouraged to "complain"
- "Open Source software allows you to get under the hood and fix problems." God, but that's old FUD. Sure, the "average user" won't go coding. That does not make the software less free or that freedom any less of a blessing. He might as well take the next step and claim that free software will never make a friendly interface / GUI / usable kernel etc. Oh wait, he does.
- "All software should be free" Uses a false analogy to argue that no software should be free. Software can be coppied without cost. The choice between free and non free software that do the same thing should be obvious to anyone. Because of this all software should be free and what is not will be sooner or later. "all code can somehow be developed for "free", without there being a price to be paid somewhere" Nope, there's no price to be paid with free software because there's no force involved. If free software does something you want, you are free to use it, modify it and share it. Generally, using free software as a base for your own projects saves time and money. Giving back your modifications costs little or nothing.
- "Open Source software is always better than closed, proprietary software" I can say that free is better. I can also say that free software, despite Neil's FUD, develops quicker and becomes technically superior in time. KDE and GNome both kick Winblows ass, despite M$'s laser sharp attention to
... their bottom line. I'm not sure what you are using Neil, but newer stuff is better. - "Scratching the personal itch" - Yawn, I'm getting tired of this guy saying that there are no free user friendly tools. A good example of itch scratching working is gphoto2 and digikam. Digikam is KDE's digital camera front end and album keeper. It gets it's power from hundreds of camera drivers found in libgphoto2, which in turn was made possible by thousands of people scratching very personal itches, sometimes over $40 cameras. There's nothing like it in the commercial world and I expect it to continue to get better. When software is released GPL, everyone wins and it goes all the way back to the average user's desktop.
- "More choice is always better" He acts like preselection of reasonable options does not exist. Neil, go get a copy of Knoppix of Mepis and see that a distribution can be made on a single CD that does EVERYTHING even the power user such as yourself could want. Amazing how all that "bloated", "designed by committee" software can do what no laser focused commercial software maker can, isn't it?
- "Conclusion: It's Not So Simple". My conclusion is that Neil needs to check out some more free software. Anyone who still thinks that Windows has better interfaces is missinformed. Also, no one really thinks that "Sometimes restricting the choices might not be a bad idea." when it comes to themselves. Neil might be afraid of a free software desktop, but I'm sure he's glad he can have one if he changes his mind.
I've heard most of this stuff for years. Some of the user interface issues were once true, but they are no longer. Gnome back in 1998 was about as good and in many ways better than Windows 98. The people in Redmond would love for free software users to read this kind of tripe and n
-
It's worth looking at the rest of his site...
...and you'll find he *is* part of the community that he's talking about. see http://www.neilgunton.com/ and especially http://www.neilgunton.com/reasonsfor details.
-
It's worth looking at the rest of his site...
...and you'll find he *is* part of the community that he's talking about. see http://www.neilgunton.com/ and especially http://www.neilgunton.com/reasonsfor details.
-
Re:Uh huh.
No... He's an OSS advocate... http://www.neilgunton.com/reasons/
-
Re:Full of shit.This guy is full of shit and has no idea of what he is talking about.
What do you expect from someone who used to be an Assistant Vice President at Bankers Trust Co...
-
Generosity. Progress. Grow up, Neil.
Wow, that is one awful article.
The whole reason we have such great things as Perl is because some very smart people had an itch or two to scratch, and let us all have the results of their great work for free. That's called generosity.
If some of these very same people are now excited about other approaches to the problem, who are you to whine about them "breaking" things? Especially when the things you like and consider "good enough" are still available, for FREE, for you to use for the rest of your life?
When these very smart people go back to the drawing board and make something new, it usually results in something called progress.
"Ok, so Perl 5 will still be supported, but was it really so necessary to do the total rewrite and break the old code?"
Sorry, but until you are paying all these people for their time, it's really not yours to ask whether their projects are "necessary." If you don't feel like writing a new mysearchbot for Perl6, that's your business.
As for the Microsoft example, don't you think it's a little naive to consider the business model of a huge software company and the motivations of open-source developers in the same breath?
"When you rewrite you are abandoning history and condemning yourself to relive it."
Sweet. I wish you'd put that in a <blink> tag.
-
Re:Why is evil stronger?
You should see Neal Gunton's spambot_trap page. The side of good is fighting back...
-
Back to the start...
In hindsight, if you could start afresh and redesign the protocols and software on which email is based, and influence any relevant ISP policies & user education, how would you do things differently to deal with the problem of SPAM?? And, of these areas, which is the weakest link in the spam-war?! Not part of the question: Why don't all webmasters add SpamBot traps to their websites....?