This page is not available in 繁體中文, as a result the English (en_US) version is shown instead.
Anti-comment spam update

Looks like key rotation isn't working as expected:

67.15.18.27 - - [19/May/2007:09:25:36 -0700] "GET /post.ml?reply_of=56 HTTP/1.1" 200 7586 "-" "Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt\\)"
67.15.18.27 - - [19/May/2007:09:25:37 -0700] "POST /cgi-bin/post.pl HTTP/1.1" 200 5190 "http://hxbc.us/post.ml?reply_of=56" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
67.15.18.27 - - [19/May/2007:09:25:57 -0700] "POST /cgi-bin/post.pl HTTP/1.1" 302 5 "http://hxbc.us/post.ml?reply_of=56" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
67.15.18.27 - - [19/May/2007:13:20:42 -0700] "POST /cgi-bin/post.pl HTTP/1.1" 302 5 "http://hxbc.us/post.ml?reply_of=56" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"

The 5 seconds delay clearly worked the first time, and the spammer proceeded to repost the comment 20 seconds later. I wonder how he is able to post again nearly 4 hours later, without getting another secret token.

I have another plan to make the spammers' lives more difficult, which I will probably implement this weekend.

by khc on Sat May 19 13:31:02 2007 Permlink
Tags: computer
RE: Anti-comment spam update

Ahh, a mistake of my part caused Blowfish to always use 'cipher' as the encryption key. RESOLVE FIXED+VERIFIED!

by khc on Sat May 19 14:15:28 2007