Guide to PHP SecurityQuicksearch |
Monday, May 31. 2004Blog Spam
In recent days I've noticed some very strange referral URLs on my top referrals link list. A few sites who definitely have no links somehow appear to have sent me a noticeable amount of users. How is this possible you ask? Well, it seems someone had figured out that blogging software does not perform any validation on the referrals (such as check if the link in present on the sending site) and with trivial scripts generate fake hits that quite easily get said site to appear on the top referrals list. Blocking such things is quite difficult since the scammers fake genuine browser signatures and in some cases even setup dummy pages that have the link back to the original site. More over @ least one of those scammers seems to be using anonymous proxies to prevent IP filtering. Quite frankly outside of manual referral validation or a referral whitelist I see no fool proof way to prevent this from happening. Since I don't have the time or interest invest time into manual validation or creation of whitelists, I am going to turn off "Top Referrals" perhaps someone with more free time then I will implement a whitelist for this purpose.
As far as the reason why people are doing this, well beyond getting perhaps a click or two from curios visitors of my site it helps their rankings on search engines (Google) that determine search result position based on the number of links to a site. Given that those same search engines can be used to find sites displaying such link lists it becomes trivial to design a simple script (heh could be a PHP script) to get a list of victims and send them a bunch of referrals. Given the growing popularity of blogs it seems to be a fool proof way to get lot's of attention. More over it does not appear to violate any laws, so for now it's seems like spammers/scammers have found safe haven. 
Monday, May 17. 2004Gmail as an online backup system
Recently I had opportunity to obtain a Gmail account (thanks James). For those you living under a rock it's the latest fad as far as free e-mail is concerned from the same people who brought us Google. The biggest attraction of Gmail is the 1,000 megabyte storage box and saner(?) monetization model that will rely upon the same text ads you may have seen near Google's search results, rather then big bulky banners and/or popup variations. At this time the system is in beta stage, so to get an account you first must be invited by an existing member, but only some members can invite (I am not one of them, so don't bother asking). While my initial plan for this account was to use it as the handler for mail comming to my @php.net account, which now a days comprises mostly of spam and windows viruses. Rather then have my server perform slow analysis on some 2-3 thousand messages, I'd let Google's Gmail do it for me.
Since most of the e-mail going to that account ended up being removed by spam filters, which seem to be quite good the account ended being rather empty, which seems rather wasteful. So, I've come up with a quick utility to make use of at least a small portion of the available space for backup purposes. To accomplish this task I wrote a small PHP script that can be used to backup files to Gmail and then quickly retrieve them back if and when you need them. I trust that Gmail servers are fairly reliable, and this offers an excellent offsite backup that is extremely fast (I can max out my connection on download 300k/sec) and accessible from anywhere internet is available. Given that you do have 1gig of space quite a few things can be backed up  .If you want to try it for yourself here is the script itself: Plain Text Highlighted PHP Source P.S. The script can probably be optimized to run a little faster by removing regex and making cURL use Keep-Alive, but given that most of the time is spent retrieving the file that is not a big concern at the moment.
Monday, May 17. 2004FUDforum 2.6.3 Released
Yey! Yet another stable release of FUDforum is out.
A bit more of e-mail fine tuning, this time aimed at making sure all mail clients can properly parsed encoded e-mails. Updated Chinese & French translations and the English translation undergone major grammatical revisions. The poll can now be position anywhere inside the message via the use of the {POLL} tag. Stricter URL session checks etc... All users are encourages to upgrade.
Thursday, May 13. 2004sendfile() syscall and why the 2.6 linux kernel sucks!
A friend of mine gave me a good idea of making a wrapper around the sendfile() syscall that can be used for very quick data transfers between socket and file descriptors. This syscall in some instances can replace 3 other syscalls (seek, read, write) when you need to write a portion of 1 file into another file. Another words a very neat functionality that I could see myself using in my own applications, such as the message file compactor for FUDforum who's entire job is to seek and write data from one file to another. Further tests have shown that this syscall can also be used to create a much faster copy() that compared to PHP's current copy mechanism is about 2x faster, not a bad improvement if I do say so myself.
However, when it came to testing the code in my primary development box it just would not work, neither would any sendfile example I could find on the net that dealt with transferring data across two files. After much searching on Google, IRC and reviewing the relevant kernel sources I've discovered the problem. It appears that as for Linux kernel 2.6.X sendfile() syscall can only be used to transfer data from a file descriptor to a socket descriptor. The so called "misfeature" of allowing data transfer between two files has been removed, while I could not find any reported problems about it in 2.4.X kernels where it can work with 2 file descriptors. The frustration is further escalated by the fact that sendfile() man page does not acknowledge this little tid-bit of information and only the very recent version even documents the EINVAL error code returned, ARGHH!!! I am still quite curios as to why this functionality was removed, since even after much searching I was not able to find the reason for it, only the fact that it was removed sometime in the 2.5.X kernel series.
Monday, May 10. 2004
Thursday, May 6. 2004A'dam conference
Sitting at the airport enjoying the "cheap" Dutchie wifi at a mere $10 per day waiting for my flight that is about 3 hours off. The conference was quite a bit of fun. I got to meet a number of PHP guys who I have not seen before as well as meet old friends and acquaintances. The city itself is quite interesting
and nearly everyone speaks English so communication with the locals is quite simple. One surprise was the fact that Dutchies don't seem to wear the traditional wooden shoes (perhaps it makes riding bicycles too hard?), the only time I've seen them was in the various tourist shops. The other was the fact that I have only seen about a dozen tulips in the country, which supposedly world renowned for this particular flower, oh well.P.S. The two talks I gave will be put online as soon as I return to Toronto.
|
My Flickr Stream
ArchivesCategoriesSyndicate This BlogBlog Administration |
Comments