Yeah, I’m pissed. Really pissed. When does comment spam become a DDOS attack? There’s a fine line, and some a**hole crossed it this morning.
I knew there was a problem when I sat down to eat my cereal and read the news this morning and the Windows XP Home login screen told me I had 1,134 unread emails. Thunderbird confirmed it: we were under seige some some dumba** pushing “texas holdem poker.”
Gadgetopia essentially came down. He was firing spams at the site from a pool of IP addresses (probably a zombie network). The Movable Type admin interface wouldn’t respond (“ObjectDriver Error: too many connections” — MySQL was evidently in great pain). I tried to get through to phpMyAdmin to delete them through SQL, but that wouldn’t come up either.
When I got into the office, Joe and I got a command line on the box via SSH. It was ve-e-e-e-ry slow. “top” told us that it was running at about 50 times the normal load, and the process list was filled with “mt-comments.cgi” and “mysqld.”
We changed the permissions on mt-comments.cgi to 644, and killed all the existing processes. The load on the box slowly returned to normal.
The final damage was 1,710 comment spams from 173 different IP addresses. MT-Blacklist stopped virtually all of them from appearing on the site. It also prevented a rebuild of the pages, which helped a little too.
(The ironic thing was that he put the hyperlink in an A tag and I strip HTML, so even if the comments had appeared, the hyperlink wouldn’t have shown up.)
The final mess to clean up is my email account. I now have 1,700+
messages on an IMAP server which is none too pleased about it. Deleting 1,700 messages at a time isn’t a quick operation.
Comments are still down. We’re watching the logs and he’s still trying — we have an attempt as recently as 20 minutes ago. We’ll try to get them back up later today.
Well, here we are at #4,000. This puts us just 1,000 posts away from our stated goal of 5,000. Along with the 4,000 posts, we have 6,050 comments as of this writing, and that's very cool. We appreciate all the interaction everyone has with the site. Interestingly, we…
Pacific Views: Comment Spammers: Somebody pointed this out in their blog regarding my post about the Texas Holdem guy. I've found something that I think is an even greater insult to the blogger about these crappy spammers. I found a site using Google ads with a post complaining about one of…
I don't mean to go on another rant about comment spam, but I'm suffering under another deluge on my personal site. While the Texas Holdem spammer was a blitzkreig, another spammer has deanebarker.net under slow siege. Someone out there is posting a spam comment to my site twice per hour,…
Home PCs rented out in sabotage racket: This is just hideous. Now they have "zombie brokers" that will rent you a zombie network they've created. Vast networks of home computers are being rented out without their owners' knowledge to spammers, fraudsters and digital saboteurs, security experts say. The terminals…
You've really got to wonder about the intelligence of jerks like this; they think they've found a new way to "get their word out" and they hammer it so hard it brings the server the site is running on to its knees. What does that accomplish, other than alerting and majorly ticking off the site admin who wipes every shred of the jerk's work from the site?
I had a mail server get its anti-spam prefs accidentally wiped once; by the time I had put a stop to it spammers were pumping about 15,000 messages an hour out of the thing, which pretty much brought the server down. If not for the sheer volume going through it I may not have noticed that going on for quite a while; the way they did it only brought it to my attention more quickly, thus shutting down their "free" mail server.
I guess it all goes back to the idiotic 0.01% who actually respond to these bozos. I'd like to get my hands on anybody who actually spends money on something they hear about through spam. Grrr.
I'm a nobody, and I got a few dozen of these some day last week! Really irritating--makes you want to innovate your blog antispam software...
I'm having about 200 hits from this spammer AN HOUR the last weeks. I'm serious when I say this: if I ever get my hands on this guy, I'm gonna beat the crap outta him. Over 2 Gigs of expensive traffic last month went to Texas Bullshit poker - I'd kill him and rape his skull for sure...
calmdown ;-)
likewise, I would like to beat the effing ess out of this sob and his pos life. Forgive the overt irritation. Over two thousand comments from him, and medicine spam comments are a whole nother story.
The same asshole has been hitting me and all the sites I have. I finally got stuff in place to stop the comment spam so now the shthead has went to making them trackbacks. I tried complaining to my domain provider to see if they could help me and they can't. The site is registered through an anonymous domain registrar who has refused my request for contact information on the domain registrant. If you guys find him, let me know, I'll join the mob and help you beat their as
I looked up the site on the web and there are 2 e-mails in the comments area. I was thinking of signing them up for every porn site I could find. Maybe if we all do that they'd get the point?
Maybe I am misunderstanding the issue here, but could you have a graphic with text in it that needs to be typed entered in order to post a comment. Ticketmaster does this when ordering tickets.
A blog (http://www.supakoo.com/rick/ricoblog/) of a friend of mine has this feature.
