Alden Bates' Weblog

My apologies, one of the points in the MO described in the entry for Mike Tison last time is actually the MO of Alexander Morozov. Morozov is the one clusterbombing pages.

Alexander Morozov

• Comment spams with porn URLs. He and the Bulgarians are together responsible for most of the spam hits on my site.
• Has a script which is easily fooled by my on-page measures, but cluster-bombs and loads entries a lot which uses bandwidth.
• As well as the above, the queries he makes to the comment script can be over 11kb in length, including the text twice as a text parameter and a comment parameter. Other parameters used include sk2_time, sk2_my_js_check1, currency_code, business, domains, and item_name. May be a multi-purpose script.
• .com domains spammed: novusdelta, legacyart
• .org domains spammed: holyroodarchaeology
• see also: Spamhuntress Wiki: Dyakon (He's using a (fake?) New York address in domain registrataions now)

Other .com domains spammed:

• 888pokerguru via comment, registered to "Liron Snir" in Israel.
• homeequityloan-zz via trackback, registered to "Javier Navarrete" in Florida (See also: Spamhuntress Wiki: Florida comcast spammer)
• northvip via comment, registered to "Somer" (buglee11@yahoo.com) in Minsk, Belarus

The "Liron Snir" spam actually got to the point where it was almost posted! The domain's now in my blacklist of course.

So, what losers do we currently have trying to spam attack my weblog?

The Bulgarian twins

• Two attack modes:
  1. Irregularly referrer spams, always to the same URL on my site, mostly poker-related URLs but also some financial/pill sites. Easy to block at the .htaccess level.
  2. They've been hitting mt-tb.cgi fairly constantly, despite getting error 403s (I renamed the script over a year ago).
• Registration info leads back to top-support.net and support2000.net which both resolve to the same IP as support-4u.net (See previous post on the Bulgarian twins).
• See also: Chris's Wiki: Those amusing Referer spammers

Kazakhstan spammer Timur Tasbulatov

• May not be his real name. Referrer spams gay porn urls.
• Very irregular attacks, spams two or three links then disappears. Easy to block at the .htaccess level.
• Several of the domain names used lead back to:
    Timur Tasbulatov
    Zhibek Zholy 180-63
    Almaty 480091
    Kazakhstan
• See also: Push Back: REFERER SPAM: Timur Tasbulatov / emedia-omni.com / gay-ethnic-list.com

Russian spammer Mike Tison

• Comment spams with porn URLs.
• Has a script which is easily fooled by my on-page measures, but cluster-bombs and loads entries a lot which uses bandwidth.
• He attempted to spam me using an MSN spaces URL, but the email address used is identical to one I found spamming a health-medical.us subdomain domain. That domain uses name servers belonging to one of the domains on the page linked below.
• See also : Spamhuntress Wiki: Mike Tison

But, despite all that, I remain spam free.

Xtra here in NZ have been making a big fuss over how they've finally brought their broadband service speeds up to a 1/3 of world standard instead of only 1/30th. Of course, I'm not seeing any difference at all, because we've burned through the paltry 10GB data cap which Xtra insists on placing on accounts. Our connection (shared between three computers) is therefore currently choked back to worse than dial-up speeds, and web pages are taking 5 minute or so to load. An online transaction I was attempting to make timed out because the connection was so slow.

So, will the extra speed which Xtra has provided just mean we burn through the 10GB monthly allowance faster?

Perhaps they should change their name from 'Xtra' to 'Less'.

My old DVD player had been giving me a bit of grief for a while now. An aging Philips 711, it had started refusing to play some DVDs and had trouble with others. It was a reasonably good DVD player otherwise, apart from a bizarre design flaw where it was impossible to turn off the on-screen multi-angle icon (it seems to be common with anime DVDs to provide a second angle which contains storyboards).

So on Monday I bought a Panasonic DMR-ES30V VCR/DVD-R combo to replace the Philips and my similarly aging (but still trustworthy) Mitsubishi VCR. So far I'm pretty impressed with it. Though I haven't tried recording to DVD-R yet, taping to VHS works fine, and it didn't have any trouble at all playing the DVDs which my Philips would simply spit out...

The only drawback I've found so far is that it doesn't send video output through the RF out, only via the RCA video out, but that's only a problem for me because of my stereo (it has no remote so I have to lunge across the room to mute the adverts). I may post a more detailed review later.

The time display on the front panel acts as a pretty good night light too. :)

Sometimes events can conspire to give your web site a sudden spike in traffic:

Back in TSV 26, an article called The Comic Connections was published. Amongst other things, this article made mention of the comic book V for Vendetta. The article, including a comic frame from aforementioned comic book, is currently archived on the NZDWFC site.

Released this month is the movie version of V for Vendetta. I haven't seen it yet, but it looks pretty good from the previews. Unsurprisingly, a lot of people are doing web searches for it, and the comic frame from The Comic Connections happens to lie on the second page of Google image search results.

Last month, the archived version of the article got a total of around 260 hits. So far this month, the total hits is around about 2800.

Of course, there's a price to fame: lots of people (mostly on forums) have remote-linked to the comic book frame or, as I've now redirected it to, tubgirl.jpg. Is there no end to the amusement I can get from that jpg?

... will not be gracing my music collection, despite the fact I spotted a copy in the store the other day. Not only does it contain Copy Corruption technology (or "Copy Control" as it's more commonly known) but it also contains the evil Sony rootkit malware.

Amazon UK have it, but it's listed as an import and I'm not game enough to order it without knowing where they're getting it from and whether it has Copy Corruption/Rootkit crap on it.

It's a shame because I really enjoyed Melody A.M..

While reading my Yahoo! Mail, I got this error:

There was a problem accessing your account.

We recommend clicking the "Refresh" or "Reload" button on your browser's toolbar. If this doesn't correct the problem, re-login to your account. If the problem persists, click here to send us a report.

We sincerely apologise for the inconvenience and thank you for your patience.

So I clicked on "click here" (great link text there, Yahoo!) and got "Sorry, the page you requested was not found."

Brilliant!

Today I attempted to buy a can of V from Pak 'n Save. Since I only had
two items I went to the express lane.

* Checkoutgirl1 waves can over barcode reader a couple of times
Checkoutgirl1: Oh, it hasn't got a barcode
* Checkoutgirl1 waves can at fellow checkoutgirl2
Checkoutgirl1: What's the price on this? It hasn't got a barcode
* Checkoutgirl2 goes to look at shelf
* Checkoutgirl1 waves can at Alden
Checkoutgirl1: It'll just be a minute
* Checkoutgirl2 returns with price
* Alden pays and takes can gingerly in case it explodes

Seriously, WTF? Do Not Shake The Carbonated Beverage.

Actual query string used to find my weblog:
"use a 1.5gb image for myspace background"

I could cry, I really could. Anyone who thinks that's a good idea should be banned from the internet.

Another recent query to result in someone finding my weblog was "Princess Alden" *boggle*.

The River Road runs parallel to the Hutt River and bypasses Upper Hutt; I use it to drive to work every day. About 1/3 of the way up the River Road it crosses the river which requires a bridge (oddly enough). On either side of the bridge there are two fairly sharp bends which require traffic to slow to about 75kph and, as you might expect, there's been more than one accident there.

A couple of months back the city councilTransit NZ resealed one of the corners, and put a couple of "slippery when wet" signs up. So the resealing has acutally made the road surface more dangerous than it was before? WTF? Shouldn't they be trying to improve the road? Where is the logic?!