There Is No Cat

Groovy '60s Sounds from the Land of Smile!

Friday, July 28, 2006

Escalation

The spammers seem to have, at least partially, discovered my new field names. The volume has been increasing steadily in recent weeks. It seems to take them a while to parse them out, though; it doesn't happen immediately. So I've implemented yet another anti-spam tactic. I'm changing the comment form field names every day.

I'm not doing this manually, mind you. I wrote a small perl script to create the names from words chosen at random (or as random as you get in perl) from the /usr/share/dict/words dictionary file that comes with most copies of UNIX®. I use that script to create a small PHP file defining variables containing the new file names. It's pretty simple:

#!/usr/bin/perl -w

$outpath = "/usr/home/foo/";

$outfile = $outpath . "fieldnames.php";

@fields = qw(name email userurl);

$dict = "/usr/share/dict/words"; 
$bytes= -s $dict; 
open IN, $dict;

open(PFIELDS, "> $outfile");

print PFIELDS "<?php\n";

for ($i=0; $i < 3; $i++) {
	seek(IN,rand($bytes-11),0);
	$_=<IN>;
	$_=<IN>;
	chomp $_;
	print PFIELDS "\$", $fields[$i];
	print PFIELDS "=\"";
	print PFIELDS $_;
	print PFIELDS "\";\n";
}

print PFIELDS "?>";

First I define the directory where the file defining these variables is going to live. I place this outside of the web directory for security reasons. The @fields array defines the three fields I'm creating names for. I open the dictionary file, then the output file, then print the beginning of a PHP wrapper. Then I loop three times grabbing a random word and associating it with one of the fields defined in the @fields array. Output the closing PHP wrapper and it's soup.

The result is a small PHP script like this:

<?php
$name="cafiz";
$email="formlessness";
$userurl="floweret";
?>

This is then included into the various files that run commenting.

At a particular time every day, the perl script above runs, creating a new set of random words associated with the fields, which are then automatically incorporated into my pages.

This won't stop drive-by spammers, but I don't honestly see many of those these days. The spam all seems to come from zombie PCs; similar spams coming from a bunch of different IP addresses. They don't seem to actually access the pages in question, just submit POST requests containing a set of variables that equal whatever the field names for the comment form were whenever whoever configures the zombie controller configures it to spam There Is No Cat. I'm hoping that changing the field names every day will stop the spammers, as their configurations will pretty much always be out of date.

That's the idea, anyway. We'll see if it works. If you have any problems commenting on the site, let me know via my contact form. If this doesn't work, I may just shut off comments completely. I've been pretty lucky up to this point; writing my own content management system has given me a certain level of immunity to automated spam (I know this because my spam levels here are still well below those on another site I run using WordPress, although I moderate all comments there, so none of them show up on the site). That's less and less the case now. Feh.

Tags:

Posted at 6:16 AM

Comments

Note: I’m tired of clearing the spam from my comments, so comments are no longer accepted.

What a quirky idea...I'll be keeping my fingers crossed!

Posted by Elaine at 1:37 PM, July 28, 2006 [Link]

Sounds like "Star Wars" to me...

Posted by BarbraAnn at 2:38 PM, July 28, 2006 [Link]

Nasty spamersssss

Mash them, bash them, boil them in a stew, bake them in a pie for me and you

Posted by Shelley at 2:43 PM, July 28, 2006 [Link]

It worked!

Posted by Shelley at 2:44 PM, July 28, 2006 [Link]

That worked, too!

Posted by Shelley at 2:44 PM, July 28, 2006 [Link]

Never mind me...I just like watching the backgrounds change.

Posted by Shelley at 2:44 PM, July 28, 2006 [Link]

You know, Shelley, there is a set of links over the in left where you can change the backgrounds as much as you want.... :-)

Posted by ralph at 3:54 PM, July 28, 2006 [Link]

But it's more fun to clutter up your comment space.

Wheeee!

Posted by Shelley at 4:16 PM, July 28, 2006 [Link]

Trackbacks

This site is copyright © 2002-2024, Ralph Brandi.

What do you mean there is no cat?

"You see, wire telegraph is a kind of a very, very long cat. You pull his tail in New York and his head is meowing in Los Angeles. Do you understand this? And radio operates exactly the same way: you send signals here, they receive them there. The only difference is that there is no cat."

- Albert Einstein, explaining radio


There used to be a cat

[ photo of Mischief, a black and white cat ]

Mischief, 1988 - December 20, 2003

[ photo of Sylvester, a black and white cat ]

Sylvester (the Dorito Fiend), who died at Thanksgiving, 2000.


Stylesheets


This site is powered by Missouri. Show me!

Valid XHTML 1.0!

Valid CSS!

XML RSS feed

Read Me via Atom

new host

Me!

Home Page
Resume
Married
Photographs
Flickr Photostream
Instagram Archive
Twitter Archive

last.fm

There Is No Cat is a photo Ralph Brandi joint.


Archives

Search



Family Blogs

Geneablogy
Jersey Girl Dance
Awakening
DullBlog
Mime Is Money

Blogs I Read

2020 Hindsight
AccordionGuy
Adactio
Allied
Apartment Therapy
Assorted Nonsense
Backup Brain
Burningbird
Chocolate and Vodka
Creative Tech Writer
Critical Distance
Daily Kos
Dan Misener likes the radio
Daring Fireball
Design Your Life
design*sponge
Doc Searls
Edith Frost
Elegant Hack
Emergency Weblog
Empty Bottle
Five Acres with a View
Flashes of Panic
Future of Radio
Groundhog Day
Hello Mary Lu
iheni
Inessential
Interllectual
Jeffrey Zeldman Presents
Jersey Beat
John Gushue ... Dot Dot Dot
john peel every day
JOHO The Blog
Kathryn Cramer
Kimberly Blessing
La Emisora de la Revolucion
Lacunae
Loobylu
mamamusings
Medley
mr. nice guy
MyDD
Orcinus
oz: the blog of glenda sims
Pinkie Style
Pinkie Style Photos
Pop Culture Junk Mail
Seaweed Chronicles
Shortwave Music
Slipstream
Talking Points Memo
The Unheard Word
Tom Sundstrom - trsc.com
Typographica
Unadorned
Vantan.org
WFMU's Beware of the Blog