Archives for August 2005

Back to Archives

You Too Can Protect Our Country

I was on the bus yesterday and noticed that Bryman College now offers as one of its programs 'Homeland Security Specialist'. I'm pretty sure that says something important and scary about this country.

Would you like to aid in the protection of our country? Due to recent terrorist events, there is an increased demand for trained safety and security employees throughout the nation. The Homeland Security Specialist program will provide you with a solid foundation in planning, implementing, and managing security operations for an organization.

Yikes.

Biking Mulholland Drive

Biking Mulholland Drive I took a bike ride today, and I think I about died at five or six different points. Every once in a while it's good to take a ride that absolutely just knocks you down a peg, just to keep an honest opinion of your riding abilities. This ride was one of those for me.

Basically Kathy's back in Michigan until the 26th. Normally I ride to church with her, but this week I was on my own to figure out how to get myself there. The problem: I go to Bel Air Presbyterian, which just happens to be on the entire other side of town, and on top of a mountain. It's not too far away, though, so I figured I could probably make it on the bike. — Continue Reading...

One Less Day of Classes?

I realized today that one week before classes start back at USC, it might be good to check in on my schedule and make sure no classes I'm signed up in have been cancelled or otherwise changed to make them not fit my schedule. It doesn't seem that's the case for any of them, but it looks like my one Monday/Wednesday/Friday class (Latin III) is now a Monday/Wednesday. If that truely is the case that's perfect, since it was my only thing on Fridays. Still no professor listed for that one, though.

I realized today that I have no clue what my PIN number is to get into the USC apps for seeing balance due, registered classes, etc. For four years it was my birthdate (the default, which they gave you an option to change and I never did), then one day it popped up a "you have to change this now" box, and I changed it. I don't think I've used it since. The way they give to get it reset is via faxing a request to the Registration office. I guess I'll do that tomorrow.

Another Step Against the Spammers

So the spam killer hit a little snag today when the comment spammers started making the request for the blog post and the comment come from different IP addresses, and the initial request not come with a referer. So I'm still blocking lots of referer spam, which is nice, but some comment spam came back.

Then I realized that all of the IPs I was seeing were actually open proxies. So I started looking them up on DSBL, and they were there.

Normally I'm all for anonymous proxies, but in this case I hate comment spam more than I care about people having to hide from the government to browse this blog, So I added a DSBL IP check to my blocking mechanism. I have it in the same PerlPostReadRequestHandler still, but you could block based on IP even earlier, so I might break it out and do it there. Now I just need to start grabbing the DSBL zone to secondary so that I can have a local lookup.

Oops

I just realized that in my Apache upgrades the other day I broke mod_php4. It took me this long to notice because I only use php on the frontpage of ericrichardson.com. And, well, I never see that page. I should read my website more often.

In order to get mod_rewrite to do proxying, I had to grab the apache source package and compile mod_proxy into the binary. I guess that broke something the stock php4 module depends on, 'cause it segfaults on me now. I guess I need to build that from the source package now too. Ugh.

August Midnight Ridazz Comes to My Part of Town

The August Midnight Ridazz was tonight. The theme was Tron, which I was pretty excited about. Not excited enough to actually figure out any sort of costume, but excited none-the-less. I had patched my front tire earlier today, so I was all set to ride.

Turns out the ride, or at least the part I was on, went through Downtown. I wrote about that over on blogdowntown. We went down Hill Street, then took a pass through Central City East, and finally circled the Caltrans building a few times. Then it was back through the 2nd St. tunnel to Echo Park, which we circled before just hanging out for a bit.

I show 14.93 miles from leaving my apartment to my return. Average speed shows up at 9.3mph, but I can't say if that's accurate; I did a lot of speeding to the front and then stopping to either take pictures or occassionally to stop traffic while the ride went through.

Spam Stopper Working Great

After letting it run overnight, I can say that the new referer spam killer is working like a charm. I've posted the code if you're interested in seeing the details. All I know is I love seeing entries like this in my log file:

200.181.52.174 - - [12/Aug/2005:12:15:34 -0700] "GET /blog/1549 HTTP/1.1" 403 9 "http://casino-games.casino-light.com/" "Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows NT 5.1)"

I have the code registered as the PerlPostReadRequestHandler for blogdowntown and blog.ericrichardson.com. That means it gets called before we've wasted much time processing the connection.

I also wrote a little log cleaner script to use SpamKiller::Handler and clean referer spam infested log files. This is helpful for old hits; new ones are 403 and don't get counted as referrals (at least in awstats).

If your problem is just comment spam that's coming in without the referers, the same technique could be used to just scan posted comments and reverse lookup the urls.

Starting the Fight Back

Today I launched my first salvo in the war against comment and referer spam. The situation had gotten ridiculous, especially over on blogdowntown, where I had seen 850 or so comment spams in about a week. Looking at stats had become similarly useless, since the visit numbers had ballooned 150% with the traffic. The attacks all come from different IP addresses, but today I realized that the websites they point to have to actually be hosted somewhere -- and it's a lot harder to find a hosting IP than it is to hijack some European desktop to do your spamming.

And so just now I'm putting in place a mod_perl handler that sits as early in the connection process as possible and singles out offending IP addresses based on their referers. It then blocks both the IP and the referer, and returns a 403 Forbidden error.

The beauty is that while I'm only actually filtering referer spam, I'm knocking out the bots that were doing the comment spam at the same time, since the bot is double-dipping. The IP continues to be blocked, even when it no longer has the referer.

Early testing has worked well. I don't think site responsiveness should be noticably effected. We'll see if that holds true.

One More Night in the Windy City

Today's plans to get to Chicago via train went off perfectly. Kathy and I boarded the 10:30 South Shore train in Michigan City and were in Chicago at noon. We wandered around pretty much every block on the loop, ate a great dinner, picked my bags up from the lockers at Union Station, and I took her back to the station. She intended to catch the 7:18 train, but the 6pm had been delayed and she caught that out at 6:45pm instead. I walked back to the Blue Line and rode out to O'Hare.

I wasn't checking any bags, so check-in took a literal thirty seconds. The security line was non-existant; I was worried I wouldn't have my metal objects out of my pockets and into my bag before I got to the front. All told, I was at the gate ten minutes after entering the airport.

Then they cancelled my flight. — Continue Reading...

How to Do Chicago via Trains

Tomorrow evening I fly back to LA. The plan is for Kathy and I to head into Chicago (she's here in MI for a few more weeks), hang out for the day doing whatever, and then I'll take the Blue Line to the airport in the evening and she'll head back home.

This gives me another chance to figure out one of those trips I like so much. What's the best way to get from Muskegon, MI, to Chicago, IL, spend the day, and have one person make it back in the evening while the other heads on to O'Hare? — Continue Reading...

California Thinks Pennsylvania is Out to Get Me

I went to the DMV today to get a California driver's license. I've been out here for four years now, but being a student you don't have to necessarily change your license/insurance/etc, so it's been one of those things I've put off. Now, though, since I don't have a car to worry about I figured I might as well go ahead and make the switch.

I made an appointment at the Lincoln Park branch, and that all worked out just fine. Of course I forgot to bring cash and had to take a 45 minute stroll to find an ATM, but that's my fault, not theirs. The written test was easy enough, and I sort of skipped the vision part (which I think might mean I get a corrective lenses restriction, but that's really not something I care about).

Here's where things get weird, though... They can't issue the actual license until I take care of something that showed up in the computer as a ticket in the state of Pennsylvania.

To my knowledge I have never had a ticket in PA, nor have I been pulled over there. In fact I just called PennDOT, and they don't have me in their computers. — Continue Reading...

More Singularist Coverage

Just to keep you up to date, here are some more bits of Singularist coverage... After the Chicagoist interview went up there were posts from Seattlest, SFist, and today DCist. A few days ago Ross Mayfield mentioned Singularist on his blog. LAVoice also had a post, and somehow I found my way into the comments on this blogging.la post about Joseph Mailander and Kevin Roderick (the singularist mention is down toward the end). Also last week were posts on losanjealous and blogebrity.

It's entirely ironic that I've had stuff on the web for like six or seven years now and a parody site I do gets more traffic than any of the more serious stuff. That's the nature of the web.