To the Ministry's main lobby The Ministry Blog
concert setlists

1 February, 2005

Link spamming from the other side

The Register features an interview with a comments spammer (aka ****ing parasite), anonymous but unashamed.  It's the expected mix of self-justification (apparently it's all the search engines' fault) and 'nothing personal, mate' insincerity, but there are a couple of interesting points.

It's no surprise that comments spammers exploit unsecured proxies i.e. redirect attacks via underprotected servers, so their true IP addresses are masked. No surprise, but hopefully a reminder that online security is important beyond just protecting against viruses. As I've said earlier, I'd support the idea of network administrators banning unsecured computers from all internet connectivity. Cars without adequate brakes or exhaust systems (see the pollution analogy?) wouldn't be allowed on the public highway, so why allow computers to jeopardise others?

One of the spammers' tricks is to identify the folder and script names associated with blogging packages, which firstly assists in identifying targets and secondly provides routes to comment 'by the back door' i.e. avoiding the usual user interface to post comments straight to the database. This can be avoided by renaming key files/folders (I've done that to some extent, but I should have done it at installation - some can't change now), which set me thinking.
Would it be technically possible for publishing packages to generate unique names for each installation, at first installation? For example, rather than every single installation of Movable Type calling its comments script 'aardvark.pl', a given installation might call it '5j3e5p.pl'.

Incidentally, MT-Blacklist has stopped 147 spam attempts within the last 75 minutes.

.
Site Home Tull Tour History Annotated Passion Play
.
Day in the life... Page design and original graphics © NRT, 2003