I thought sure I posted this before, but apparently not. Here’s the schedule for the upcoming 21st Cincinnati Old Time Radio and Nostalgia Convention in PDF format.

 21st Cincinnati Old Time Radio and Nostalgia Convention Schedule: Download

As my regular readers know, we (like every other blog) have a considerable problem with trackback spam; while we use an excellent plugin which removes most of it, I believe I have a responsibility to spend some time letting system administrators know that their machines are being hijacked (usually it’s an insecure script on the server that can be abused) so they can fix the problem. Clearly I can’t report every machine (and simply firewall off those machines in China, Russia, and other countries where we don’t do business), but I do try to let operators of those machines showing a pattern of abuse (especially but not limited to government and university machines; lately the server farms have been the real problem) that they have an issue, and politely ask them to deal with it. I provide httpd logs showing dates/times of abuse, as well as an example of one of the trackback spams.

This morning, some childish sysadmin hiding behind an http proxy and throwaway Yahoo account wrote a comment to an irrelevant post complaining that I complained. The knucklehead actually whined that I was, “reporting [my] spam problems and passing them onto various datacenters, who in return, passed the buck onto the various server admins and webmasters.” Wow…apparently this guy (has to be a guy…no woman would be this immature) finds it an affront that his upstream expects him to fix his problem. How shocking!

It’s a shame I don’t know the IP address of the machine he “admins” that was (and probably is, considering that he spent time complaining to the victim instead of finding and eliminating the problem script - I dunno, since once I report a machine I add it to the firewall rules so it doesn’t bother me again) being used to send spam to hundreds if not thousands of machines on the Internet (what..you think I was the only server being annoyed by this machine? unlikely…this thing is likely being used 24/7 on a huge list of blog URIs) so I could thank the upstream for dealing with this issue professionally by reporting it to the “admin” of the server in question (and, from the sound of it, shutting the “admin’s” machine down until the problem was properly dealt with). Clearly he’s more interested in selling $7 websites…if his “customers” open a hole that can be exploited, he doesn’t want to know about it since it might make him actually get off his rear and do something. That it might cost innocents money in additional bandwidth fees doesn’t worry this guy.

The few times my server has been used by the bad guys, I thanked the reporters for letting me know (and my server farm tech folks for helping me identify and squash the problems as quickly as possible). While I try desperately to keep up with the latest patches, and help my clients every way I can when there’s a problem, there’s always some insecurity being introduced that needs to be addressed, patched, fixed, or removed. I consider that the most important part of an admin’s job, not some inconvenience taking me away from my game of Solitaire. Clearly I’m no longer the norm, though; the idea of being a good netcitizen has apparently been replaced with a, “don’t bother me if my machine is being used for spam so long as I don’t get any of it” attitude.

It makes me a little sad that the Internet has irresponsible people like this running machines on it, and a bit wistful for the good-old-days when a spamming victim wasn’t treated worse than the spammer.