Cyber Attack


Yet more cyber attack problems. Here is a look inside my comments editing page.

Download file

Mmmm – when I click on the link I get the page with full functionality. I do hope that’s only me!

I had already deleted hundreds of these nonsense comments this morning. The interesting thing about them is that they do not give any message, do not attempt to sell anything and do not contain any links to other sites. Their sole purpose is to overload and crash the site.

They are of course running on an automated programme, but the question is, was this blog targeted for a denial of service attack, or is this simply a nihilistic attempt to crash anything at random across the web?



12 thoughts on “Cyber Attack”

  • Paul Johnston

    I work in IT and I wouldn’t get particularly paranoid. We often set up sites and the person (academic) says they would like a blog or wiki. When we say they will need to be moderated the normal response is no one will attack us, why would they want to attack a site on xyz?

    Welcome to the new world 🙂 It’s very much like tagging in graffiti. When the attacks happened on Estonian sites following the removal of the war graves I never thought it was state sanctioned just nationalistic script kiddies!

    Paul

  • Tom

    I’ve been meaning to tell you to use WordPress for ages for other reasons, and now again for this issue: there are a couple of plugins that will deal with this for you. One is called hashcash, the other akismet. They’re open source so probably available on other platforms.

  • Clark

    Hello Craig,

    your link above leads to an “.mht” file, which is a webpage archive format specific to Internet Explorer. It is apparently functional from here if I use IE, but requests username and password if I try to send my edit to the copy on your server.

  • Clark

    Craig,

    your site probably attracts the lowest form of spammers because no account is required to post comments. If you’d prefer more competent spammers you’ll have to increase your site security!

  • Bob Morris

    Akismet, a free plugin for WordPress, blocks virtually all spam comments.

    You might be targeted or it could just be bots spewing to whatever site it can get through. And that can be dangerous to both your site and readers.

    Akismet has blocked 1.1 million spam comments on my blog. It works.

  • Eeyore

    It may be random. It could equally be Israel supporters who are extremely active in this kind of behaviour, and have the technical means, as I know from other sites. You have carried some comments about the rogue state, which could well result in you being hounded. I wouldn’t be surprised. Stifling of discussion, apart from the ‘right’ kind, is the aim.

  • Tom

    These “pointless”, short comments could be beacons indicating that the “scouts” of a larger spamming net were successful in posting some arbitrary comments. They might be followed by a crawler or uploading their logs to a control site. This could be part of a targeted attack or just usual botnet business.

    Chances for a DOS attack are minimal: Payload is too small and seems not to be repeating. Usually DOSes send the same or similar strings as quick and often as possible. Also the idea of a “nihilist attempt” doesn’t technically make sense: DOSes need vast capacities bundled for a short burst to bring a site down before it could engage throttling, load balancing or just switch to static content until the packet storm has calmed. That’s why they use to be distributed to large networks.

  • Paul J. Lewis

    Craig,

    You could consider adding a Recaptcha (or similar) validation mechanism to the comments page, if you’d rather not add user name and password logins for commenters. (It would probably be less effort too.)

    Democracy Now! do it to try to limit posts to real people and keep out scripts (see link below for an example):

    http://www.democracynow.org/get_involved/contact

  • Tode

    If this was an attack, it was amateur.

    Sadly if you allow free comments without at least “captcha” protection you are likely to be flooded sooner or later. A common problem is that people try to get their site addresses (often gambling sites) all over the web so they will come high in search engine results. In my experience a simple “captcha” reduces the problem to manageable proportions. Please don’t make it too difficult like some sites do. It is having it at all that makes the difference; level of difficulty is almost irrelevant.
