ReverseDOS 2.0. New and Improved. Now with LESS functionality!!!
The quick story:
ReverseDOS 2.0 was
designed with two goals:
- Make ReverseDOS easier to configure, less difficult to document (and understand), and make it more powereful and flexible in the war on site spam. (I covered some of the details of that here).
- Give ReverseDOS it's teeth back. This is COMPLETELY OPTIONAL, but I really want to be able to gum up the works for referrer/comment spammers. So, ReverseDOS 2.0 does just that. When spam is detected, it makes the spammers wait for a few seconds before sending them back the 403 - DENIED HTTP response code. The number of seconds spammers have to wait is controlled by a web.config setting, and can be set to zero - meaning that the response code will be returned immediately.
So what's New in 2.0
Less. Lots Less.
- There's less to configure. There are now fewer settings to configure globally. In fact, they are all set by default. Only use the web.config to change global settings if you want them to deviate from the default.
- All of the different response types in 1.x are now gone. ReverseDOS 1.x let you try to dos the spammer by sending a stream of bytes - that's now GONE. Or, you could try and redirect spam referrers back to the site they were pimping - GONE too. Or, you could spoof all sorts of HTTP Response Codes (including 403); GONE.
- Now there's only one, standard response: Wait the configured number of milliseconds (checking every .3 seconds to see if the client is still connected), then send out a 403. (And if the configured number of milliseconds to wait is 0, then the 403 goes out immediately. The default is 60 seconds -- which very few spammers will ever wait for, but if it gets even ONE, it's well worth it.)
- Fewer response options means less configuration per filter. So, the action and priority attributes are now GONE.
- A cleaner filter type model. Instead of a post filter, and a regex_post filter, there's just the post filter. If you want the pattern to be treated as a regex, then just set the isRegex attribute to true.
- More powerful filters. Two new filters should be the only kinds of filters people end up using in 99% of deployments: the commentspam filter, and urlspam filter. The commentspam filter will look for words/patterns in the querystring or the post as needed. And the urlspam filter will block trackbacks and referrers. Sick of www.pokerSpammers.com Just add a single urlspam filter with pokerspammers.com as the pattern, and trackbacks and referrers with that text will be blocked.
- Other stuff. But it's getting late, and I have oodles to do tomorrow.
So what's next
ReverseDOS 2.0 is now feature
complete, and has been through testing. It's techically ready. (I'll be
dropping it on AngryPets this weekend if I get time (and taking off my
CAPTCHA)). I just need to make sure people will be able to install and configure
it. So, I'll update the installation and pimpage on my site, then make the
binaries, source, etc available for download. Expect it by the middle of next
week if all goes well.
Was going to install ReverseDOS today, but now I want to just do 2.0. Puhleaze post it? :-)
Posted by: Jamie Thingelstad | July 09, 2005 at 04:25 PM
Hmmm. I actually sent an advance copy of 2.0 to Scott Hanselman (he was kind enough to look at it after we discovered that I'm doing some things similar to what is being done by DasBlog). Anyhow. His awesome feedback has convinced me that I need to create a version 3.0. But, since 2.0 is feature complete/done... i might as well release it if the 'masses' are 'clamouring' for it ;) Expect it soon.
Posted by: Michael K. Campbell | July 11, 2005 at 08:54 PM
One thing that I want to be able to do is to configure it without going into the whole hassle of open ftp/download web.config/edit/upload to ftp Can you add a really simple web service for this? Something that would allows a GUI to be developed so I can just open the GUI, type the newest spam bot, hit Send and know that I'm protected.
Posted by: Ayende Rahein | July 14, 2005 at 02:28 AM