Network World

Weblogs
Search / DocFinder:
Advanced search
Home
Research Centers
Applications Convergence / VoIP LANs / Routers Network Management Network Storage Operating Systems Security Servers / Data Center Small / Med. Business Wide Area Network Wireless / Mobile
News Events Buyer's Guides
Vendor Solutions
White Papers Special Reports Webcasts Partner Sites  -Secure Routing  -ProCurve Networking  -Enterprise Security  -Software Dimension  -Application Acceleration  -IT Agility  -Networking Solutions
Site Resources
Product Tests Buyer's Guides NEW Video Library Demo.com Careers Newsletters This Week in Print Opinions Blogs Podcasts Encyclopedia Forums RSS Feeds Special Issues Network Life
About Us NW Subscription
Special Issues

Signature SeriesEnterprise All-Stars
Enterprise All-Stars NEW

You in action
You in action

New Data Center The New Data Center: Wireless & Mobility
Wireless & Mobility NEW

The New Data Center: Server Virtualization
Server Virtualization
NetworkWorld.com > Weblogs > Compendium >

Search Compendium

RSS feed

Compendium archives

Movable Type servers come tumbling down

By Adam Gaffin, NetworkWorld.com, 12/17/04

To paraphrase Charlton Heston: "Get your stinking paws off me, you damned dirty spammers."

Recent days have seen a growing crescendo of Movable Type servers either slowing to the point of unusability or being shut down by their hosts because of a couple of bugs in the way the latest version of Movable Type attempts to block spam in comments to posting - bugs that became evident only when spammers dramatically escalated the sheer volume of messages they try to post on MT systems (oh, for the days when comment spammers hand-posted their messages, instead of using zombie armies of Trojan-infested home computers to spew thousands of them).

Reid Stott offers an example:

"... I’ve had to restore permissions on MT for a friend who got shut down at Pair due to comment spam, and the server my site is on at TextDrive has been taken down (briefly) twice in the past week or so by thousands of MT processes run amuck. And we’re talking industrial strength web servers ...

A Boston blogger writes:

I had some trouble today - seems there was a Comment Spam attack, which caused my installation of MT and MTBLacklist to crash the hosting server.

So, my domains were suspended.

Help is on the way, according to Jay Allen, who wrote MT-Blacklist and who now works full time for Six Apart:

We are currently testing these fixes both in-house and with a number of web hosts who were among the first affected by the problem. We will have these fixes released to you as soon as the testing is complete. There is no higher priority to us than making sure that our customers and their websites are protected from the effects of these malicious attacks.

His note also explains the bugs, if you're interested.

TrackBack
Back to Compendium

Comments

Been there, done this. The spam recently has been coming in so fast (i.e. every 5-10 seconds), it causes a DOS-like attack on my webhost. It's incredible there are such inconsiderate people in the world.

To be honest, this fix is long overdue. It is well known that mt-comments is a CPU hog. I also wonder if these fixes will apply to MovableType 2.661, the last fully free version that is still the most popular version out there. Doesn't Compendium use MT as well?

Posted by: quanta on December 17, 2004 10:46 AM

Post a comment

Name:


E-mail address:


URL:


Comments:


Remember info?

Vendor Solutions

Case Study: Security Service Credit Union
- Citrix

Newsletters
Sign up for one of NWW's newsletters.
Security Strategies
Network Systems Management
Security in Practice
Wireless News Alert
Convergence
Storage in the Enterprise
The Best of Network World
View all newsletters
Email Address:

Vendor Solutions

White Papers

Blocking Malicious Content with Zscaler
- Zscaler

How Hackers are Targeting Enterprise Users via Web 2.0 Browser Exploits
- Zscaler

How Zscaler Tackles Emerging Web Threats with High Speed, Real-Time Content Inspection in the Cloud
- Zscaler

More...

Special Report

Mobile Security: The Essential Ingredient for Today's Enterprise - Qwest
Software and technology solutions help mitigate security risks and safeguard from threats, but they require IT staff to select, deploy and maintain them. Problem is, today's IT environments are lean. This paper examines the current mobile security landscape, including myths surrounding the risks and threats, and how organizations can establish a solid mobile security strategy.


Research Centers: Applications | Application Development | Applications-Standards | Applications Vendor Solutions | Collaboration | CRM / ERP | Databases | Directories | Grid Computing | Java | Messaging | .Net | RFID | SOAP | Web Services | XML | Convergence & VoIP | Convergence Regulatory | Convergence Services | Convergence Standards | Convergence VoIP Vendor Solutions | Video | IP PBX | SIP | VoIP | VoIP Services | E-Business | DNS | RFID | Supply Chain | Web security LANs & Routers | Acceleration | Gigabit Ethernet | Lans-Standards | Routers | Wireless LANs | Network Management | Application Management | Desktop Management | Management Test Patch Management | Operating Systems | Linux | NetWare | Unix | Windows Outsourcing | Managed Services | Offshoring Security | Firewalls - VPN - Intrusion | Identity management | Patch Management | Microsoft Security | Privacy | Security Standards | Spam & Phishing | Viruses & worms | Web Security | Wireless Security | Servers & Desktop | Backup-Recovery | DataCenter | Desktops | Desktop Management | Grid | Servers | Server Blades | Servers Desktops | Utility Computing | Small & Medium Business | Broadband | Telework | Handhelds & PDAs | Home Networking | Security | Storage | Compliance | Infiniband | Network-Attached Storage | SANs | Storage Management | Storage Virtualization | Virtualization | Vendor News | Bankruptcy | Earnings | Lawsuits | Layoffs | Standards | Start Ups | Vendor Markets | Education | Financial | Healthcare | HIPAA | Manufacturing | Retail | Wide Area Network | Broadband | Carriers | Frame Relay | Metro Ethernet | MPLS | Service providers | Wireless services | Wireless & Mobile | Wireless LANs | PDAs & handhelds | Wireless Security | Wireless Services | Wireless Standards | Wireless Switches | All Company Profiles
IDG Network: Computerworld CSO Darwin Demo GamePro GameStar.com GamerHelp.com Infoworld
IT Careers IT World Canada JavaWorld.com LinuxWorld Macworld MacCentral.com Outsourcing World PC World Playlistmag.com