Those spammers sure are a tenacious lot.

Posted by Les on Friday, March 02, 2007 at 02:39 AM. Read 646 times.

So the experiment with running both Akismet and Bad Behavior 2 anti-spam systems with ExpressionEngine seems to be working out pretty well. Akismet is even managing to stop around 95% of those useless comment spams that consist of nothing but random characters that serve no purpose at all. On the ones that make it through, I just close the comment and then use the Akismet module to mark it as spam and delete it, which helps to cut down on how frequently those make it through in the future.

Bad Behavior doesn’t really outwardly show anything when it’s working, but it does keep a table in the database with all the comments/trackbacks that it has rejected. This makes for interesting browsing on occasion because it reveals just how much activity the spammers engage in. Consider these simple facts: The total size of the MySQL database that makes up not only SEB but the other 6 blogs I run for family members and such is around 78.7MB in size. The total current size of the Bad Behavior log table in the database is 13MB. The total size of the table that holds every single one of the 7,700 (counting this one) entries from every single blog is only 14.1MB.

Here’s the kicker: The Bad Behavior 2 system only keeps 7 days’ worth of activity, so that’s 13MBs over 7 days, making it the third largest table in the database.

What’s the first? The table that holds the 58,274 (combined) comments. That table is 42.4MBs. Damn, but you people are a chatty bunch.

Anyway I just thought that was somewhat amazing and seeing as it’s almost 3AM and I’m still awake for no good reason I thought I’d take a moment and share it with you.

Comments:

Bog Brother United States Posted on 03/02/2007 at 07:42 AM

For some reason, all I can think of is: “Bloody Vikings!”

 Signature 

I will not attack your doctrines nor your creeds if they accord liberty to me. If they hold thought to be dangerous - if they aver that doubt is a crime, then I attack them one and all, because they enslave the minds of men.

-Robert G. Ingersoll

decrepitoldfool United States Posted on 03/02/2007 at 09:02 AM

42 megs of plain text - Wow.

One of those random-text spammers keeps hitting a certain old post of mine.  I keep banning IP addresses, thought about closing comments on that post (it’s not a big-deal post or anything) but maybe they’d spread to other posts.

But why spam random strings?  Maybe it’s a proof of concept, building up to something.

Ragman United States Posted on 03/02/2007 at 12:45 PM

Damn, but you people are a chatty bunch.

Stupid Evil Blah.  Blah blah, blog blah.
Yakkity yak, we talk back!
wink

But why spam random strings?  Maybe it’s a proof of concept, building up to something.

Maybe they’re testing the sysop’s response to it.  Checking to see who lets it slide so they’ll target those sites?

Les United States Posted on 03/02/2007 at 02:55 PM

The two theories I come up with on the random strings nonsense are: 1) They’re testing a new automated spam script that can handle captchas or 2) they’re attempting to poison the anti-spam filters by conditioning them to random characters.

 Signature 

When one reads Bibles, one is less surprised at what the Deity knows than at what He doesn’t know.
-- Mark Twain

Webs United States Posted on 03/02/2007 at 04:09 PM

The two theories I come up with on the random strings nonsense are: 1) They’re testing a new automated spam script that can handle captchas or 2) they’re attempting to poison the anti-spam filters by conditioning them to random characters.

Damn those are two good theories!  Probably a mixture of both in reality.

13MB in 7 days for a SQL file is HUGE!!!  But hey, at least you’re popular!

 Signature 

Brother Spikey Mace of Patience

Unitarian Jihad Name: Get Yours
Unitarian Jihad Background

TheJynXeD United States Posted on 03/02/2007 at 10:09 PM

From a little research...it appears that it is mis-configured spamming software. They are spamming you in a language other than US-English, and the content shows up as gibberish. It’s happening at other sites as well. Although your other theories are also possibilities. Captchas are starting to fail, as newer spamming programs have OCR built into them. The whole arms race thing smile

 Signature 

“I like your Christ, I do not like your Christians. Your Christians are so unlike your Christ.”

-Mahatma Gandhi

Moloch United States Posted on 03/03/2007 at 12:42 AM

kjlfhsglknsjfngklsdfhg;lhjsoghjfs

Am I considered spam?

 Signature 

Beware the beast man, for he is the Devil’s pawn. Alone among God’s primates, he kills for sport or lust or greed. Yea, he will murder his brother to possess his brother’s land. Let him not breed in great numbers, for he will make a desert of his home, and yours. Shun him, for he is the harbinger of death.

Les United States Posted on 03/03/2007 at 03:09 AM

Hard to say. It made more sense than most of the rest of your comments.

decrepitoldfool United States Posted on 03/03/2007 at 05:35 PM

I have had a bunch of those random-character spams on a single old post for the last 10 days.  Why just that one post?  Then just now that post got hit with a large entry of conventional, link-laden spam.

Seems unlikely the steady stream of random-character spam, and the conventional spam that just arrived, were unrelated.

Webs United States Posted on 03/03/2007 at 06:50 PM

I just started forcing everyone to have an account to be able to comment.  It dropped my spam down to essentially nothing.

elwedriddsche United States Posted on 03/03/2007 at 07:13 PM

Webs, if you have that level of access, mod-security is your friend.

 Signature 

Science is answers that must always be questioned.
Philosophy is questions that may never be answered.
Religion is answers that must never be questioned.
Politics is answers that lobbyists pay for.

Webs United States Posted on 03/03/2007 at 07:31 PM

Yeah, WordPress allows me to force people to register if they want to comment.  I am not really going to do much with my website at the moment though, ’cause I am planning on moving my hosting from GoDaddy to a home hosting solution.

I am hoping to have that done before the end of the summer.  At which time I plan to update the software, get some good mods for spam, and open up comments to unregistered users.
