Call: +44 (0)1904 557620 Call
Blog

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Interesting news post about Mary Ann Davidsons comments on security education"] [Next entry: "Amis Blog has an interesting entry on multiple listeners"]

Comments, spam and statistics spiders



I was taking a break from my mad workathon this evening and decided to surf http://www.orablogs.com - (broken link) orablogs and saw Brian's post http://www.orablogs.com/duffblog/archives/000910.html - (broken link) Ugh Comment Spam which I found very interesting as I have seen a massive increase in email spam recently. It has coincided with me having to work longer hours so has been very unwelcome as I had to devote quite a bit of time to cleaning up my email about two to three weeks ago. I am told by my ISP that I received tens of thousands of emails one evening about three weeks ago that crashed their email server. why me? - probably because my name is known all over the net and so is my email address.

I also had problems with comment spam some time back. I talked about it in a post here called "Comments have been disabled from my weblog" where someone was systematically posting rubbish to my blog in an attempt to add backlinks.

It seems that the spam world is getting cleverer. I run stats for my site that are private and not accessible to the general public which includes a list of referrers. I noticed a short while ago that there are starting to be a few referrers from filthy type sites and some advertising sites. I checked my logs and they are all posted from a number of IP Addresses with different referrer strings advertising some site or other. I also checked whois and found that all the IP Addresses i checked are blacklisted. I have a public stats page that only includes the totals of visits and hits per month / day etc. No referrers are included. My guess was that these people are using google to find all sites that have stats pages named with a consistent name and then spamming them. My guess also, unlike Duncans blog http://www.groundside.com/blog/content/DuncanMills/?permalink=908EEBE24C645908E395AC744ED45498.txt - (broken link) Blog Log Spam! is that they are targeting backlinks in stats pages rather than blog referrer lists. Anyway my public stats page doesn't include a referrer list so they are wasting their time, their clients money and my bandwidth. Duncan also points to an interesting wired article "When the Spam Hits the Blogs" that is quite an interesting read.

It seems to me that spam is no longer a problem just for email, its blog comments and also attempts to get backlinks in statistics pages. I recon I will need to remove my stats page soon to try and prevent these people.