Re: Interactive Docs

This WebDNA talk-list message is from

2007


It keeps the original formatting.
numero = 68755
interpreted = N
texte = Donovan Brooke wrote: > Could be.... but usually slow spam stuff is related to remotely linked > graphics. This is all text spam. I'm afraid there's one or more new player(s) on the spam field recently. And he/she/they do it different; with a zombie network almost as big as every unprotected computer on the web and using it to post spam all over the internet. Text spam may seem rather harmless but imagine the poor server having to retrieve a megabyte of data from the database every time it's asked to deliver a page. Still not enough to slow it down? Let's try ten megabytes... or a hundred - or a gigabyte. If the server somehow is powerful enough to handle the load it just means the visitor's computer will be the one to get a nervous breakdown. Of course, with WebDNA there's also the problem that sooner or later the database gets so big it can't be cached anymore so it'll have to be retrieved from the harddisk every time it's used. > But hey, a simple test would be to get rid of the spam. It would indeed. How much chance is there that SMSI will actually try to do anything about it at this point? --- Btw, a few tips to anybody who's in charge of a message board/feedback function or anything like that: 1) If you get spammed, deal with it immediately! Apparently the whole spam scam works by zoombiefied computers posting bogus messages on anyything they stumble across that looks remotely like a submission form, then it ambles around trying to find if the post has actually been added to some web page somewhere. If you can manage to remove the spam before it's found, you should be safe ... until next time they stumble across the page. Once the network has positively identified a message board like function on the web, the spamming slowly but surely grows in intensity. 2) A typical WebDNA based feedback function contains two critical URLs: one with the submit form and one with the write code. The spambots will attack *both* these URLs so any scheme that only protects one link in the chain will fail. 3) I have no experience in this myself but I think somebody else here mentioned that a simple, basic capchat doesn't help much. (I assume "basic" in this case means one with a static and limited number of graphics.) 4) Be aware that the spam attacks won't go away even if you remove the attacked pages completely. If anything, the attacks seems to intensify when the forum is gone, effectively turning it into a DOS attack on the server. Fortunately servers today are usually powerful enough to shrug that off ut it may be an idea to put blank pages at the attacked URLs rather than leave it to the 404 to deal with it. 5) The fact that the attack continues indefinitely even after you've removed the forum means that you should not use those specific URLs again - or at least never ever put anything with a
tag there. Frank Nordberg ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Interactive Docs ( Frank Nordberg 2007)
  2. Re: Interactive Docs ( Donovan Brooke 2007)
  3. Re: Interactive Docs ( Frank Nordberg 2007)
  4. Re: Interactive Docs ( Donovan Brooke 2007)
  5. Re: Interactive Docs ( Frank Nordberg 2007)
  6. Re: Interactive Docs ( Donovan Brooke 2007)
  7. Re: Interactive Docs ( Gary Krockover 2007)
  8. Interactive Docs ( Donovan Brooke 2007)
Donovan Brooke wrote: > Could be.... but usually slow spam stuff is related to remotely linked > graphics. This is all text spam. I'm afraid there's one or more new player(s) on the spam field recently. And he/she/they do it different; with a zombie network almost as big as every unprotected computer on the web and using it to post spam all over the internet. Text spam may seem rather harmless but imagine the poor server having to retrieve a megabyte of data from the database every time it's asked to deliver a page. Still not enough to slow it down? Let's try ten megabytes... or a hundred - or a gigabyte. If the server somehow is powerful enough to handle the load it just means the visitor's computer will be the one to get a nervous breakdown. Of course, with WebDNA there's also the problem that sooner or later the database gets so big it can't be cached anymore so it'll have to be retrieved from the harddisk every time it's used. > But hey, a simple test would be to get rid of the spam. It would indeed. How much chance is there that SMSI will actually try to do anything about it at this point? --- Btw, a few tips to anybody who's in charge of a message board/feedback function or anything like that: 1) If you get spammed, deal with it immediately! Apparently the whole spam scam works by zoombiefied computers posting bogus messages on anyything they stumble across that looks remotely like a submission form, then it ambles around trying to find if the post has actually been added to some web page somewhere. If you can manage to remove the spam before it's found, you should be safe ... until next time they stumble across the page. Once the network has positively identified a message board like function on the web, the spamming slowly but surely grows in intensity. 2) A typical WebDNA based feedback function contains two critical URLs: one with the submit form and one with the write code. The spambots will attack *both* these URLs so any scheme that only protects one link in the chain will fail. 3) I have no experience in this myself but I think somebody else here mentioned that a simple, basic capchat doesn't help much. (I assume "basic" in this case means one with a static and limited number of graphics.) 4) Be aware that the spam attacks won't go away even if you remove the attacked pages completely. If anything, the attacks seems to intensify when the forum is gone, effectively turning it into a DOS attack on the server. Fortunately servers today are usually powerful enough to shrug that off ut it may be an idea to put blank pages at the attacked URLs rather than leave it to the 404 to deal with it. 5) The fact that the attack continues indefinitely even after you've removed the forum means that you should not use those specific URLs again - or at least never ever put anything with a tag there. Frank Nordberg ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Frank Nordberg

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Help! WebCat2 bug (1997) two unique banners on one page (1997) Some Advise needed (1997) ConvertChars (1998) Sitebuilder (2004) [WebDNA] Sorry WebDNA server not running. (2017) WebDNA-Talk Digest mode broken (1997) Formulas.db (1997) Strange Form Occurrence on Log In Pages (2005) Setting up shop (1997) Converting order file to database (1998) RE: Languages (1997) Proper file locations (1997) Calendar (1997) WebCat2b12 CGI Mac -- Problems propagating the cart through frames...still (1997) HELP!!! (1998) help on brickwalls (2003) Re:Running 2 two WebCatalog.acgi's (1996) unable to launch acgi in WebCat (1997) NetSplat and WebCat2 (1997)