Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by annie

  1. I have a relatively minor spam problem on my MT blog. I'm having fun sharpening my claws on my spammers. I recently did something that, although it may hinder some legitimate users, should at least frustrate my spammers. My most prolific comment spammers has tried a few times, but his frequency isn't too often. But one of the other comment spammers must have gotten tired of my musical chairs approach to frustrating him, and moved to trackback spam. Could be because the latest MT enables moderation of comments by default. Probably more likely than my actions alone influencing him. Anyway, trackbacks are not yet possible to moderate as far as I know. I'd LOVE to learn how, if anyone knows? But, I blocked this one too, and he's currently going crazy, trying IP numbers, trying to get through... All but the top two are desperate attempts to get through during a period of 15 minutes. The top thwo did get through, and were entered quite far apart. Might have been tests, and since it took me a few hours to remove the first one, he may have stepped up the pace, I don't know. Anyway, the IP numbers look like normal dynamic IP numbers to me. I wonder how that's done? I mean, just minutes apart? EDIT: More IP numbers:
  2. I talked to one of the really big warehouses that sell computers. They say the Toshiba laptops are the ones with less returns. Mine are Toshibas and I'm really pleased with the keyboard on the big one.
  3. I bought a chip from MemoryX. They had a chip for my old laptop. Third part RAM, but it WORKS, and the price was good. Fast service, all the way to Norway. And the wonderful part was that I'd given up on getting memory for that laptop years before. It's that difficult. But I got it from MemoryX! You won't believe how wonderful it is to move from 32 mb to 96! Of course, I got a new laptop right after, but that's another story.... That tiny little machine will still be in use for as long as it works, because the new one is a monster.
  4. My next machine will probably be bought with this halfway expensive box from a music store close by. They're quiet and wonderful. And then custom built from then on. By using stuff I already have, it shouldn't be too bad, though still more than an eMachine.
  5. Laughs XP on a Windows 95 machine? Now that I gotta see! Those usually have no USB, and the ram is usually way on the I AM A SPAMMER side. 64 was pretty good back then. Some came with 32 and in the beginning they came with 16! Hard drive space was around 6 gigabyte. Towards the end upped to around 20 gigabyte. No, tell him to forget about it, and do NOT give him your registration number. If he insists on being laughable, tell him to be that way on his own time.
  6. I've got a predominance of females on my site, though the males are catching up. Here's my statistics, even though I myself use Firefox and probably upping the percentage a little. I'm responsible for maybe a half percent of the traffic. Here are my Awstats: MS Internet Explorer 90.8 % Firefox 3.2 % Netscape 1.6 % Mozilla 1.3 % And on and on.
  7. Hmmm, is there a way of backing up those files that have changed recently? Should be? Hopefully the attachments will be in one tidy folder?
  8. Do a manual backup of the forum files and transport it to another machine. Back it up to your own machine or a CD etc. But you only need to do that each time you've modded the files or upgraded the forum. The MySQL database is the only thing that changes when the forum is in use.
  9. My local TextTV reported that the internet could break down today because of Santy.A! Come online early, to find out F-secure had heard from Google that they're filtering the queries from the worm, and now it's stopped! But upgrading is still not negotiable. You never know when the next yokel has a good idea!
  10. Also, note this story: http://www.theinquirer.net/?article=20329 We might see exploits targetting other software soon. Even got a guy insisting his Movable type weblog got infected with this! He doesn't seem to have phpBB listed in Google. Might be on an insecure host, though? TCH already updated PHP, I see.
  11. By now they've figured this thing out and the news reports are coming hard and fast. Upgrade to phpBB 2.0.11 and you'll be fine if you haven't already been hit. Renaming the forum while you do might be a good idea, so you won't get hit while working on it. If your blog isn't in Google, you should be safe. I have a friend who's got two phpBB forums on one server. One's hit, the others' not. The one that wasn't hit wasn't in Google. Then there are others who've been lucky so far, but there's a lot of pain in the webworlf today...
  12. Looks like a lot of people got hit: http://www.phpbb.com/phpBB/viewtopic.php?t=241300 I haven't read the whole thread yet (24 pages long right now), but this is likely where solutions will emerge. I should say that my friends' site is not on IPower.
  13. Also, people loading pages but not the images on them...
  14. This is really weird! The forum was starting to work again. Then another friend IM's me and tells me he gets that message again after 'View your posts'. I checked last modified date on web root when I first saw the defacement, and now again, and the time doesn't match. But it DID match when I rechecked it before the forum stopped working. Logic bomb or the hacker redefaced?
  15. Some friends of mine had their website defaced today. Here's what the pages said: ------------- This site is defaced!!! NeverEverNoSanity WebWorm generation 10. -------------- Problem is, I can't find anything on Google or anywhere else about the defacer or the tool. So what on earth is this? And who's the proper party to report it to in case we find evidence of what was done? All index files were replaced, as well as all php files. That included a little script I'd hidden in a password protected directory!!!! They're running phpBB. Don't know if that's significant. They'll work with the webhost (not TCH) on figuring it out, but as one who's been on the receiving end of this sort of joke before, I'd like to DO SOMETHING! sniff...
  16. That post ate itself after a trackback with an & in the name of site field. So maybe you'd better check this address instead for now: http://jayseae.cxliv.org/ Also, he's in the process of fine tuning it. Some changes to what you wrote here. EDIT: the post is fine with IE, but I was using Firefox...
  17. I remember when I was on another host. Now and then I'd have problems with mail. I had mail forwarded to an ISP account, as well as another account. One of the servers the mail was forwarded to would not always receive the mail. Something about closing the connection too early or something. My old host was insecure, so I'd download the maillog for the whole server and trouble shoot it. These things happen. I don't know if the problem was with my webhost's mail server or my ISP's. I know the support staff here are capable of checking the maillog, since they've done so for me before when troubleshooting. One even sent me a part of the file (only the part having to do with my domain). So you should ask them to check the maillog during a period when you've done controlled tests and know mail is missing. If the error is on the TCH server, then it should show up in the log, maybe as a missed connection of some sort.
  18. Is this javascript version it? http://mt-hacks.com/
  19. I just had a bunch of curious accesses. Referer is http://www.google.com and the user agen is: MSIE 5.0. IP number is:, which is somewhere in Bulgaria. Going through all of my individual archive MT blog posts in haphazard sequence. I guess I'm just wondering when I'll see comment spam to my newly renamed comments script...
  20. I did a 404 sweep of this month's log on the host with the MT installation. I found LOADS of 404's for spam attempts to nonfunctioning comment and trackbacks for my old B2 installation. So although some very advanced spammers have systems in place to detect changes, a lot of them are still blithely spamming away to dead installations!
  21. Oh, I just thought of something. I get a lot of 404 errors from people trying to post to my old B2 installation, and will now get lots of those trying to access the comments script that's been renamed. Of course, 404s won't be that taxing to the server. I'm wondering how much of a nuisance they are, though. Also, I'm wondering what you guys know about the spammer scripts. How long will it take them to figure out the script has been renamed, or a blog has changed software. It took the texasholding crew quite a while to figure out I'd switched software. But once I banned an IP number used by one spammer, I got a visit from that rolling IP number thingy next time. Looks to me like they're REALLY evolving fast now. I'm wondering if maybe they're keeping it simple for anyone who doesn't fight it, and using the rolling technique for those who put up a fight - and other techniques they implement whenever they find certain errors in their logs?
  22. Just to be clear: I don't have MT on a TCH server. I however have it somewhere else. I did rename the comments script today. I've got version 3.11, and I found it was fairly simple to do it. Go to cpanel and file manager, then find the mt.cfg and make the change. Rename the comments script into whatever you feel like, with a .cgi ending. Then, depending on how your blog is configured, a rebuild of the individual archives MAY be all you need to do. I didn't have to do anything to the templates, works anyway. I'm also setting the archives to dynamic now. Granted, that's more complicated than renaming the comments script. But my comment spam load is manageable. I just got found by an old spammer, but don't get hit every day. I'm fully prepared to rename the script each time a spammer finds me. I also put comments on moderated to avoid the embarassment.
  23. I was fooling around with the stuff in the links. And then suddenly the blog was gone! Got a 404 error, and nothing I did worked. So, I thought, hey, what if? So I removed the contents of the htaccess file, and suddenly the blog was there again. Turns out this was the problem: Options -Indexes <IfModule mod_rewrite.c> <IfModule mod_dir.c> DirectoryIndex index.php index.html index.htm default.htm default.html default.asp /mtview.php </IfModule> RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)$ /mtview.php [L,QSA] </IfModule> <IfModule !mod_rewrite.c> ErrorDocument 404 /mtview.php ErrorDocument 403 /mtview.php </IfModule> ----------- More specifically, mtview.php is missing... I think I need to add a path to it somehow, because it's present within the directory my blog is residing in. Solution: change the path to the relative path your mtview.php file is residing at. Then make sure that file isn't world writeable (mine was). Then it should work.
  24. I'm just wondering if James Seng's Scode is working on TCH's servers? I had to give up (for now) on another host. Probably something stupid causing it to not work. Also, do you know if his code still is impervious to automated attacks?
  25. I think I've tried every flavor of windows except windows 2000. Got several running now. I do have a linux machine, but haven't used it for a few years since I discovered some dos utils that do part of the same thing linux does. I still miss one of the apps I ran on linux, but the machine was old, and I don't have a faster one to spare right now.
  • Create New...