Hi Igor, > I can only think of adding a > captcha to it, but you have already pointed out its faults.. > You seem to know quite a lot about the matter, it is only that these things have happened - in some other way - before. I'm on the internet now for nearly 15 years and was always confronted with attempts to abuse, DOS attacks or SPAM. The volume increases, the technology evolves and as new services emerge it adapts.
> what do you propose? First, there is no overall solution, that I've learned. ;-) The question is to find the right balance between effort and result - as always. An old example for an DOS attack in the real world was a pizza service that is called by phone phreakers and real customers won't get through to place an order. Perhaps more phone lines or a call center might catch up, but the costs for this will probably cut down any profit. You can only survive a DDOS attack if you distribute your content over a (D)istributed (C)ontent (N)etwork which has more (capable) nodes than the DOS bots. Which makes the solution in any way futile. If you run a blog, you want to recieve comments and trackbacks, as if you pass on this interaction you can run a static page. But even then you can be DOSed, but you are likely a low attractor then. One way is to raise the hurdle. Only allow a closed user group to comment or trackback. Authorize users only on personal knowledge or certificate/pgp signature. For the blog world imho an impracticable approach. At least as long the UN citizen certificate key is unavailable. :-( Next thing is verifying the posting via captcha or acknowledgment via email reply. Or tar-pitting and greylisting. All this raises the effort @ the bad guys side, but this will only work as long as there are easier, more attractive targets. So the only way I can think of is a way similar how email spam is handled: - lexical analysis of the content - cookie based whitelisting But the problems with the pattern list are, that we need blog specific ones. There are blogs which spin around viagra or poker. If we don't do this, the false positive rate will for some blogs way to high. Therefore each blog has to be trained, comments/trackbacks classified a spam need to be quarantined and under certain conditions reclassified. For email spam prevention I use now quite some time DSPAM,http://dspam.nuclearelephant.com/ with great success and very, very few false positives. Even in very heterogeneous environments with German/English mixed and normal users and high traffic mailinglists. There is(/was?) even a python wrapper around libdspam, that I think I have somewhere in my closet and can go looking for it. Btw.: Has anybody tried my implementation of the spam cleaner within COREBlog? Any feedback on this? Ciao, dev _______________________________________________ COREblog-en mailing list [email protected] http://postaria.com/cgi-bin/mailman/listinfo/coreblog-en Unsubscription writing to [EMAIL PROTECTED]
