Well, I heard back from both Jamie and Jack. ReverseDOS 2.8 is performing perfectly on their end. So I've released version 2.8 to the world. More info can be found on the ReverseDOS page.
« June 2005 | Main | August 2005 »
July 28, 2005
Shout-Out to Jamie Thingelstad and Jack Hecker: Testing ReverseDOS 2.8
So version 2.8 of ReverseDOS has been completed for almost a week. I've been testing it quite a bit on my local dev/test box. The good news: I was able to duplicate the gratuitous 403 bug against 2.1 in test, but haven't been able to produce that same kind of activity from version 2.8 -- which is good, because 2.8 was architected from the ground up to fix those problems ;)
But, given how much it sucked to release version 2.1 out to the world, only to see it buggy, I want to check version 2.8 extensively - and in the real world, not just in a test environment. Only, there's a problem: my use or various incarnations of ReverseDOS on AngryPets.com has made it so that I only get about 8-10 spam attempts per day. Not that I'm REALLY complaining, but that does make it hard to test version 2.8 in a live environment against spammers when they hardly visit my site.
Happily, two brave souls have offered to test version 2.8 out on their sites to see if it's working correctly.
Jamie Thingelstad is testing it out on roadsignmath.com and on his blog. So far things are looking good. 403s are only happening where they belong and he's already seen a few spammers dumb enough to wait around for 20 seconds to get the Response Code (403). His roadsignmath site gets a hefty amount of traffic, and oodles of spam attacks - so testing things out there has been very helpful.
Jack Hecker also encountered problems with 2.1, and has already deployed 2.8 to his own blog. He too has had it with spammers, and if it works for him as well as it is working for Jamie, I think it will be safe to say that it's ready for the 'masses.'
If testing continues to go well, expect ReverseDOS 2.8 by tomorrow evening.
Posted on July 28, 2005 | Permalink | Comments (4) | TrackBack (0)
July 26, 2005
ReverseDOS 2.8 in Testing
I've tested the crap out of ReverseDOS 2.8 in my testing environment. It's working out perfectly. The new redesign makes it tons easier to manage. There's also the ability to 'trust' certain IP addresses as well from withing the .config file - so you don't have to worry about ReverseDOS-ing yourself when you post to your blog and such...
Performance has also seen a serious boost. For all intents and purposes, filtering is free. I've run some perf tests with and without rdos 'installed' and the results are quite favorable.
Without ReverseDOS configured or hooked into the
pipeline:
Average: 191.2 pages/second
With ReverseDOS configured and scouring for comment/referrer/etc.
spam:
Average 190.6 pages/second
I'll run some more tests later... but at present it's looking well within tolerances.
Now I'll just run version 2.8 on AngryPets.com for a few days and then pour over the logs to see if I spot anything amiss. (I shouldn't.)
Posted on July 26, 2005 | Permalink | Comments (0) | TrackBack (0)
July 25, 2005
UPDATE: Rewinding Request.InputStream
A while back I posted about the need to 'rewind' the Request.InputStream if you peek at it. I laid out some hypothetical ways to do it, and in the end settled on one that used a C# using statement.
Bad Move.™ I found this out while testing and wondering why my stream wasn't being rewound. Why Because when the using statement is done, the underlying stream is CLOSED, in order to allow the Streamreader to be disposed. This means that your stream doesn't rewind, it just GOES AWAY, which is much worse than leaving it 'unwound.'
In the end, using a StreamReader on the InputStream is pretty much a bad idea, unless you plan on having exclusive access to it and don't care about rewinding it. (BTW, ReverseDOS 2.8 no longer peeks at the InputStream in this manner).
Of course, if you shouldn't use a StreamReader, then how should you do it Well, remember that InputStream is a stream, and you can just read bytes out of it as needed. (But you'll need to rewind when you're done). Here's an example:
HttpRequest Request = HttpContext.Current.Request;
long len = Request.InputStream.Length;
byte[] input = new byte[len];
Request.InputStream.Read(input,0,Convert.ToInt32(len));
Request.InputStream.Seek(0,SeekOrigin.Begin);
// xfer the byte[] to a string:
string output = System.Text.Encoding.UTF8.GetString(input);
This way we're still rewinding the InputStream when we're done peaking at it, we're not leaving objects open/laying about, and the rewind is actually WORKING.
Posted on July 25, 2005 | Permalink | Comments (0) | TrackBack (0)
July 23, 2005
IIS and 403 - Oh My!!! (ReverseDOS update)
Not sure how it happened, but it's broken. Jamie Thinglestad initially reported some goofiness with ReverseDOS blocking requests that it shouldn't have. He was kind enough to send me some log files for analysis... and sure enough, there were some 403s where they didn't belong.
Then, today, I noticed in my logs some similar patterns. (So much for testing... ) I'll evaluate this as soon as I get a chance. Until then, ReverseDOS is out of commission. If you have 1.2, you're fine. If you have 2.1 you'll need to disable it (sorry, REALLY sorry). You can do that by making your web.config look like this:
<reverseDOS>
<settings enabled="false" >
I'll post details as soon as I have them (I'm sadly swamped with a few projects right now). I've got a few ideas on what COULD cause a problem like this... so I'll evaluate them ASAP.
Posted on July 23, 2005 | Permalink | Comments (3) | TrackBack (0)
July 15, 2005
ReverseDOS 2.1 Live
I made a few last-minute changes to the 2.0 code base, and 2.1 is now live (i.e. there was no 2.0 release). So, I'm happy to introduce the re-fanged, and easier to manage: ReverseDOS 2.1!
2.1 is a considerable improvement over 1.2, and should be a lot easier to maintian... but I've seen the future, and the future is ReverseDOS 3.0. (Then I'm done with it <g>).
As cool as 2.1 is, there are some BIG things about it that bother me. Consider the following entries in the web.config for stopping stuff with 'poker' in it:
<add type="commentspam" pattern="poker" />
<add type="referrerspam" pattern="poker" />
See, two entries, one to stop referrer/trackback spam, the other to stop comment spam. Ideally, you'd just create a list of CRAP, and anything in that list would be blocked, right
That's the first thing driving me to create a version 3.0. The second thing driving me to it is that I was fortunate enough to have Scott Hanselman take a look at version 2.0. I had asked him some questions via his blog about how DasBlog implemented trackbacks (in relation to ReverseDOS). He was cool enough to be interested in ReverseDOS, and took an exclusive look at the 2.0 Source. The cool thing: he actually looked at the source. Raised a few flags with things that I was doing, and gave me some pointers -- overall he gave me excellent feedback. (Seriously, the guy is awesome. Not only does he have an insane grasp of technology, but he's total capable of trying to bring people up to his level.)
One thing he also pointed out: the MT_BlackList. Apparently DasBlog just loads that in daily, and then checks posts against anything in that list. (That sounds like the list of crap i was talking about up above.) That's one thing I've been painfully aware of with ReverseDOS: the framework/idea is fine, but keeping up with adding definitions all the time is less than exciting.
So, here are some thoughts about the main changes that will be released in 3.0 (since it's well past my bedtime).
- I'm removing everything from the web.config. There's really no need for anything to be in there, and it's not worth reloading your app each time you tweak a filter.
- There will be a reverseDOS.config file. In it you can specify global settings, as well as settings for filter locations that you want to download/use. That will let you 'subscribe' to the MT_Blacklist (click here to see the list), and specify info about how often you want it updated. I'll also add the ability to 'subscribe' to other urls/locations as well.
- Loading these external resources will take place on an async thread. Meaning that it will lazy load when your site starts up, and when the resources are refreshing requests will be served on the 'old' info until the new info is downloaded/processed.
- The reverseDOS.config will also have a spot for you to enter your own list of 'blocked' crap. Together, your list, along with the lists you subscribe to will just create one HUGE list of crap to ban.
- Along those lines, I'll be completely changing the way I filter. Right now I run through an array/list of existing filters, and for each one, check what it specifies... something like: check the referrer, check the post body (oh, there isn't one, ok, move on), check the querystring, check this, check that. It all HUMS along because the framework is fast, but there are lots of issues with this approach. So with 3.0 I'll just grab the POST body if there is one, the referrer, the ip address, the url & querystring, etc and concat them all into one big string. Then compare that string against the ball of crap you don't want on your site. (THAT MAY prove to be too much to process, if so I'll figure out a way to adjust it - which should be simple: don't check certian things if the referrer is your own site etc (unless it's a post in which case the 'hit' will be tolerable, etc)).
- Then I'll also look at providing a way to add entries to your reverseDOS.config without opening it up and uploading it... (since a few people have requested that).
- Some other stuff.. but minor compared to all of this.
- But ReverseDOS will still keep it's teeth -- it's signature.
Posted on July 15, 2005 | Permalink | Comments (2) | TrackBack (0)
July 14, 2005
Zoinks!
Fujitsu creates digital paper:
The new electronic paper is constructed of three displaying layers - red, blue, and green. Since no color filters or polarizing layers are required, it features color that is significantly more vivid than conventional reflective-type LCDs.
A more vivid display than an LCD And at 1/100th to 1/10000th of the power Saweet!
Nothing about the response time though, which makes me wonder if it might not be slow. Either way, I can't wait to actually see this stuff out in the real world.
Posted on July 14, 2005 | Permalink | Comments (0) | TrackBack (0)
July 11, 2005
Will Someone Please Just Think of the Grandmas?
Once upon a time there was a Simpons episode about a burlesque house. Throughout the entire episode, Maude Flanders just kept shrieking: "Will someone please just think about the CHILDREN"
So, I think it's about time we thought a bit about the Grandmas.
It all starts with a bunch of LOSERS known as Gator. Techies know who these guys are, because they've invariably been called by everyone in their immediate family and neighborhood as the 'computer guy/gal' to come and rescue people from this crap software -- SPYWARE of the worst type (that watches what you do online, hijacks your browser, and wouldn't uninstall without every known geek trick on the planet).
Time passed. People got wise to Gator. Gator changed its name to Claria.
Spyware, and other malicious-ware got out of hand. Microsoft, partially in an effort to save face (because their security model (people running as admin by default, etc.)), and partially just to ensure good user experience released a SAWEET spyware detection system as a free beta to the world. It was a huge success.
Sauron had been banished. Middle Earth was cheery once more. Hobbitsessss frolicked in the sunlight.
Then an evil darkness slowly began spreading, and creeping, across the land.
Rumors of an ancient evil, being purchased by MS began to grow. Then there were
sightings... like this one:
http://sunbeltblog.blogspot.com/2005/07/microsoft-sets-claria-to-ignore.html
People started getting CRANKY. This couldn't be true could it Rallies were held. Effigies of Bill were burned.
Microsoft sensed the bad vibes and responded in an attempt to stop a PR disaster. Microsoft responded. The letter started off NICE. It said: Dear Customer...
Only they lied. Or, maybe they didn't lie -- perhaps they're just so damned big they didn't get their story straight between the marketing folks and the anti-spyware folks, but the result was too close for comfort -- well beyond PR/marketing, and handily into the realm of stinky. The facts are pretty simple: 1) MS Said they re-evaluated Claria/Gator's standing based on hard/fast rules. 2) there are no hard fast rules. 3) The press statement was therefore a total non-truth.
So, now, all this talk of Claria and the Ring-Wraiths... what does that have to do with Grandma Well, since a picture is worth a thousand words (remember, this is XP _PRO_) :
How dumbed down can you get MS has gone out of their way for Grandma. My 'pro' OS has been soooo dumbed down to make it EASIER for grandma use. Hell, there's even a stupid DOG to help her fetch her files - in a PRO operating System. And speaking of canines, doesn't it seem strange to go to all that trouble to make Grandma's life easier (and punish me while we're at it), just to throw her to the wolves Because throwing her to the wolves is exactly what has happened with this decision to allow her machine to remain hijacked by Gator/Claria/Sauron.
Posted on July 11, 2005 | Permalink | Comments (0) | TrackBack (0)
July 07, 2005
ReverseDOS 2.0 - Feature Complete
ReverseDOS 2.0. New and Improved. Now with LESS functionality!!!
The quick story:
ReverseDOS 2.0 was
designed with two goals:
- Make ReverseDOS easier to configure, less difficult to document (and understand), and make it more powereful and flexible in the war on site spam. (I covered some of the details of that here).
- Give ReverseDOS it's teeth back. This is COMPLETELY OPTIONAL, but I really want to be able to gum up the works for referrer/comment spammers. So, ReverseDOS 2.0 does just that. When spam is detected, it makes the spammers wait for a few seconds before sending them back the 403 - DENIED HTTP response code. The number of seconds spammers have to wait is controlled by a web.config setting, and can be set to zero - meaning that the response code will be returned immediately.
So what's New in 2.0
Less. Lots Less.
- There's less to configure. There are now fewer settings to configure globally. In fact, they are all set by default. Only use the web.config to change global settings if you want them to deviate from the default.
- All of the different response types in 1.x are now gone. ReverseDOS 1.x let you try to dos the spammer by sending a stream of bytes - that's now GONE. Or, you could try and redirect spam referrers back to the site they were pimping - GONE too. Or, you could spoof all sorts of HTTP Response Codes (including 403); GONE.
- Now there's only one, standard response: Wait the configured number of milliseconds (checking every .3 seconds to see if the client is still connected), then send out a 403. (And if the configured number of milliseconds to wait is 0, then the 403 goes out immediately. The default is 60 seconds -- which very few spammers will ever wait for, but if it gets even ONE, it's well worth it.)
- Fewer response options means less configuration per filter. So, the action and priority attributes are now GONE.
- A cleaner filter type model. Instead of a post filter, and a regex_post filter, there's just the post filter. If you want the pattern to be treated as a regex, then just set the isRegex attribute to true.
- More powerful filters. Two new filters should be the only kinds of filters people end up using in 99% of deployments: the commentspam filter, and urlspam filter. The commentspam filter will look for words/patterns in the querystring or the post as needed. And the urlspam filter will block trackbacks and referrers. Sick of www.pokerSpammers.com Just add a single urlspam filter with pokerspammers.com as the pattern, and trackbacks and referrers with that text will be blocked.
- Other stuff. But it's getting late, and I have oodles to do tomorrow.
So what's next
ReverseDOS 2.0 is now feature
complete, and has been through testing. It's techically ready. (I'll be
dropping it on AngryPets this weekend if I get time (and taking off my
CAPTCHA)). I just need to make sure people will be able to install and configure
it. So, I'll update the installation and pimpage on my site, then make the
binaries, source, etc available for download. Expect it by the middle of next
week if all goes well.
Posted on July 07, 2005 | Permalink | Comments (3) | TrackBack (0)
Annoying Media Player 10 Flaw
I really like WMP 10. It's lean, slick, functional, and makes buying music a sinch. The lists could be a bit more intuiative, but overral it rocks.
It should, however, be forced to go around and introduce itself at parties
thusly though:
"Hi, My name is WMP. I've got it together, only I'm too
dumb to be able to tell when a user is playing music or video."
Seriously, anyone else hate how it interacts with the screensaver
Here's an idea: let me specify screensaver 'allowability' for musical playback, and visual playback. THAT would be spiffy. Because here's what invariably happens: I watch a movie, or an episode of TV, etc. And 3 minutes into it, the screensaver pops on. So I toggle the screensaver option.. and all is well -- until a day or two later when I leave my laptop and expect the screensaver to turn on and it can't, because I told it not to. (I know, I know, life is hard.)
EDITOR'S NOTE: Mike LIKES to complain, but you don't see him using any other media players out there - he HATES all of them. WMP is his favorite (he just wants it to be PERFECT).
Posted on July 07, 2005 | Permalink | Comments (0) | TrackBack (0)
connect
contact
syndication
archives
index
January 2012
September 2011
May 2010
September 2009
July 2009
June 2009
May 2009
April 2009
March 2009
January 2009
December 2008
November 2008
October 2008
September 2008
July 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
November 2006
October 2006
September 2006
categories
.NET
AngryPets Tools
Annoyances
Development
I've got issues
Link Love
Misc.
MS Office Sux
News / Politics
Rants
Raves
Servers
SQL Server
Stupidities
Testing
That Internet Thing
Tutorials / Info
Virtualization
blogroll
Better Lemonade Mousetraps
Blue Phoenix
Eric.Weblog()
Frog Blog!
RepeatableRead
Robert Hensing's - Security
Seth's Blog
Slow and Tired
Structure Too Big
Technology Evangelism
recent comments
ben
eric
proviron
Oyunlar
Kendra Little
Dio
Ryan
Mark Boughter
Mike
Andrew
Anne
James
Michael K. Campbell
James
HH
SQL Server Hosting
Artur Emil
Michael R Roberts
eve isk
Md. Golam Rabbani