SH!T EATER ATTACK INFO

Want to request a new feature? You've come to the right place...

SH!T EATER ATTACK INFO

Postby Lassen Forge » Tue Mar 27, 2007 5:49 am

We are aware of the current attack going on at ePlaya - we have deleted well over 500 of this bots posts, no help in site until an admin logs on.

ALL USERS - PLEASE bear with us while we attempt to can this fuck, er, get this situation under control. If you can refrain from posting for a bit it will help!

Sincerely...

bb
User avatar
Lassen Forge
Moderator
 
Posts: 5322
Joined: Tue Feb 22, 2005 10:35 pm
Location: Where it's always... Wednesday. Don't lose your head over it.

Postby helitack » Tue Mar 27, 2007 8:28 am

How about this:
http://bbantispam.com/lr/

Or this:
http://www.phpbb.com/community/viewtopi ... sc&start=0

Or this:
http://www.phpbbdoctor.com/blog/?p=26

And, it seems appropriate at this point in time for the Admin to give up their sole priviledge of locking someones account and let the Moderators have that function enabled. It would help stop this stuff until someone makes it hard for the spammers to register on this thing...
User avatar
helitack
 
Posts: 4130
Joined: Sat Oct 16, 2004 10:00 pm
Location: A secret, undisclosed location in TexMexistan...
Camp Name: Apokiliptika

Postby MrMullen » Tue Mar 27, 2007 9:48 am

I have a couple of questions and comments that might help.

How many moderators are there? It seems like if you had 4 or 5 high ranking moderators and then a larger group of people that can disable accounts (Not delete) and move messages to handle spam right there and now. That way, you get plenty of eyes to handle the spam problem and then move messages to a place for a real moderator to delete them. If they screw up, they lose their jobs.

Also, someone should install a captcha program.
--
Mr Mullen
MrMullen
 
Posts: 314
Joined: Wed Jan 28, 2004 7:39 pm
Location: San Diego

Postby Dork » Tue Mar 27, 2007 10:08 am

We already have visual confirmation and do not allow guests to post. Spammers have figured out how to bypass visual confirmation already so it's of limited use. The question one is interesting, I'll have to add that to the list of things I am looking into. I have a different mod I'll try later today, hopefully that will keep this particular spambot from registering tomorrow.
User avatar
Dork
 
Posts: 2066
Joined: Tue Jan 06, 2004 7:01 pm
Location: Las Vegas

Postby MrMullen » Tue Mar 27, 2007 12:30 pm

I have to admit, captcha is not totally effective. There is a rather neat website dedicated to writing software that read captcha. As a computer science guy, I find it very interesting.
--
Mr Mullen
MrMullen
 
Posts: 314
Joined: Wed Jan 28, 2004 7:39 pm
Location: San Diego

Postby stargeezer » Tue Mar 27, 2007 8:01 pm

I believe I mentioned this once before, but just in case...

Why not limit the number of posts that a new account can have on a daily basis. After some period of time. this daily limit just goes away.

On a similar thought, what is the highest number of valid posts one account has had in a day? If the coding would be simpler, limit all accounts on a daily basis. While this may be a large number, I would expect it to be well less than the 500+ you were just hit with.

Neither of the above options would solve the problem, I am not sure there is a perfect solution, but at least they would limit the problem to a more reasonable number.
User avatar
stargeezer
 
Posts: 336
Joined: Sun Apr 30, 2006 8:56 pm
Location: Burning Mountains

Postby diane o'thirst » Tue Mar 27, 2007 10:09 pm

IMdB has a post quota on everyone on that board. After you post, you can't post again for two minutes. Course a hacker can program a bot to wait for yea-number minutes and post again but it would give the regular eyes a chance to spot it and report, or kill in the case of a mod. We wouldn't have "every-ten-seconds-rapidfire-submachinebot" spammage happening where it only takes an hour to flood the site.
ImageImageImage
User avatar
diane o'thirst
 
Posts: 2095
Joined: Tue Sep 09, 2003 5:04 pm
Location: Eugene, OR

Postby Dork » Tue Mar 27, 2007 10:17 pm

I have thought about limits too, and it would slow them down a bit but not stop them. One issue is that as far as I can tell, when a message is deleted there's no record left of it. So, they come in, post 10 (or whatever the limit is) messages, a moderator comes in and deletes them. Now that user has zero posts and can start posting again. Or, they can create an account, wait a week, then start spamming with it.

Pretty much any mod we put in will only slow them down a bit and stop the dumber spambots. The question one and instaban are the only published mods I see out there right now that seem to stand a chance at making a huge difference. I haven't seen much activity since I put in the confusabot mod this morning, hopefully that will calm things down a bit until I can get comfortable enough with the code to put in some more complicated changes.
User avatar
Dork
 
Posts: 2066
Joined: Tue Jan 06, 2004 7:01 pm
Location: Las Vegas

Postby spectabillis » Wed Mar 28, 2007 10:40 am

just an observation, but there's now scotto, bbsue, dork, antiM, emily... many more people comming together to tackle things than previously and its starting to show. they are volunteering their time and effort and i know I appreciate it. granted the spamming problem has been around too long and i understand people's frustrations, but i hope that others can see this change and support them.
spectabillis
 
Posts: 3530
Joined: Tue Mar 30, 2004 12:07 am
Location: parallel cortex sensory stream interface

Postby Archantael » Wed Mar 28, 2007 11:21 am

It's definitely noticeable. Without question.
And having moderators on at all times of the day and night has been something the board's needed for years.
Archantael
 
Posts: 472
Joined: Tue Oct 14, 2003 10:29 pm

Postby Cabana Springs » Wed Mar 28, 2007 1:22 pm

spectabillis wrote:just an observation, but there's now scotto, bbsue, dork, antiM, emily... many more people comming together to tackle things than previously and its starting to show. they are volunteering their time and effort and i know I appreciate it. granted the spamming problem has been around too long and i understand people's frustrations, but i hope that others can see this change and support them.


Honestly - I am very appreciative of all the help the current moderators do for this board. I am just glad you are not doing it anymore.
Filing taxes is not truely voluntary!
User avatar
Cabana Springs
 
Posts: 134
Joined: Tue Dec 19, 2006 1:16 pm
Location: P Valley - where the dogs roam

Postby DVD Burner » Wed Mar 28, 2007 1:34 pm

Just my 00000.002%

There is a new phpbbs update that should solve the sock shit problem.

http://images.tribe.net/tribe/upload/ph ... d2e9618e03

note: the image verification at sign up to the bottom.

:roll: :oops:
User avatar
DVD Burner
 
Posts: 9741
Joined: Fri Dec 12, 2003 4:09 am

Postby Dork » Wed Mar 28, 2007 1:39 pm

DVD Burner wrote:Just my 00000.002%

There is a new phpbbs update that should solve the sock shit problem.

http://images.tribe.net/tribe/upload/ph ... d2e9618e03

note: the image verification at sign up to the bottom.

:roll: :oops:

We already have image verification. It doesn't work. That one doesn't look much better.
User avatar
Dork
 
Posts: 2066
Joined: Tue Jan 06, 2004 7:01 pm
Location: Las Vegas

Postby DVD Burner » Wed Mar 28, 2007 1:56 pm

Huh? Doesn't work?


strange.

As far as the look goes, you can change it to look anyway you want.

any idea why it doesn't work?

what does it do when installed?
User avatar
DVD Burner
 
Posts: 9741
Joined: Fri Dec 12, 2003 4:09 am

Postby Lassen Forge » Wed Mar 28, 2007 2:10 pm

Simply put? Bots can decypher these. Sucks. Worth looking into if it really deos have a new angle to making it work without having the same downfall the other ones have...

Hugz,
Sus
User avatar
Lassen Forge
Moderator
 
Posts: 5322
Joined: Tue Feb 22, 2005 10:35 pm
Location: Where it's always... Wednesday. Don't lose your head over it.

Postby Dork » Wed Mar 28, 2007 2:12 pm

When I say it doesn't work, I mean the spambots already know how to read the letters in the image. There might be a system out there that's more difficult for those programs to read, but enough of their tries will still probably work.
User avatar
Dork
 
Posts: 2066
Joined: Tue Jan 06, 2004 7:01 pm
Location: Las Vegas

Postby Archantael » Wed Mar 28, 2007 3:09 pm

Thank you Cabana for saying exactly what I was thinking.

Back on topic when info on how to circumvent image verification exploits makes it to Darknet, the security value is nil. Image Verification is no longer effective, the horse is dead, hold your floggers.
Archantael
 
Posts: 472
Joined: Tue Oct 14, 2003 10:29 pm

Postby DVD Burner » Wed Mar 28, 2007 9:42 pm

Dork wrote:When I say it doesn't work, I mean the spambots already know how to read the letters in the image. There might be a system out there that's more difficult for those programs to read, but enough of their tries will still probably work.



I guess I've been fortunate.

Dork, thanks for being on the up and up.

you and Sue are rockin. :wink:
User avatar
DVD Burner
 
Posts: 9741
Joined: Fri Dec 12, 2003 4:09 am

Postby Toolmaker » Thu Mar 29, 2007 5:01 am

Just out of curiosity.. do these spambots use proxies? If so we can block alot of known proxie servers by IP address. I have a couple links to pages that have tons of proxies if you wanted to add the IPs to your block/ban list.
This account has been closed as demanded by Wedeliver.
Toolmaker
 
Posts: 2512
Joined: Wed Sep 27, 2006 12:44 pm

Postby spectabillis » Thu Mar 29, 2007 6:32 am

can post them up anyways. its been some time since i searched but my wish was to find a mod that lets the admin batch upload and install a list of reported bad ipaddr/domains. that was almost two years ago though when i looked, my thinking was something similar to an opensource antivirus app that gets community updates on what to scan for.
spectabillis
 
Posts: 3530
Joined: Tue Mar 30, 2004 12:07 am
Location: parallel cortex sensory stream interface

Postby mdmf007 » Thu Mar 29, 2007 8:24 am

find out where they live and I will personnal go there and kick them in the balls, before I destroy their computer set up and put the fear of god in them.
One of the Meanie Greenies (Figjam 2013)
User avatar
mdmf007
Moderator
 
Posts: 4773
Joined: Wed Mar 08, 2006 8:32 pm
Location: my computer
Burning Since: 1999
Camp Name: ESD

Postby emily sparkle » Thu Mar 29, 2007 7:21 pm

you can send me a list like that. i can't batch them, but i'll get them added...

i think a lot of them are using proxies.
:) emily sparkle
eplaya administrator
___

mobilize, energize, motivate, INSPIRE ordinary people to do things to improve their quality of life.
- nobel peace prize winner, wangari maathai
User avatar
emily sparkle
 
Posts: 899
Joined: Fri Jul 11, 2003 4:50 am
Location: the happy valley, ma

Postby Toolmaker » Fri Mar 30, 2007 5:59 am

PM sent to Emily and Dork. Keep in mind that these sites I sent you two update DAILY. You might need a mod just to block IP addresses 24-7. Hope those lists help out stopping the spammers. I was poking around the PHP website and it looks like there is a mod that blocks "open proxies". Would this work to block all of the bot software? I don't know much about these bots but I imagine these folks are probably using some kind of anonymous web surfing so they don't get in trouble. Good luck and thanks for all the hard work you put in.
This account has been closed as demanded by Wedeliver.
Toolmaker
 
Posts: 2512
Joined: Wed Sep 27, 2006 12:44 pm

Blocking Spammers

Postby A Human » Sun Apr 01, 2007 8:21 pm

Blocking Spammers

We use at Our Board the following anti spam mods.

Email Notification New_Registration 1 0 5 - to advise administrator of new users - great when you set membership to admin approved

E-Mail Spambot Fighter - To help fight spam, modifies all public e-mail addresses to display in the format: user AT domain DOT tld

Confusabot ACP - Change "agreed" and "coppa" variables to confuse bots

Admin Userlist regIP add on - This makes it so that you can see the IP address that the person registered with in the admin Userlist mod

Log ip - Logs the IP address of users when they register.

Admin Userlist regIP add on - makes it easier to delete/ban users

Disable User Posting Privileges - when you simply want to stop someone posting yet keep them as a user

Memberlist Hidden User MOD - allows user to control ones appearance on memberlist

Memberlist Access - With this MOD admin can decide who gets to view the memberlist. Options include: All, registered users, moderators, admins. Options are settable from the ACP.

Live Email Validate (LEV) - When a user signs up or edits their email address, this MOD will attempt to verify it via the DNS MX records and a test SMTP session, returning true or false as appropriate. In the event of failure, some server responses are displayed if DEBUG is set to true in constants.php

CodeCrush IP Log - This is an IP logger, that will log the IP of anyone browsing to your phpbb forums. It also logs referral info, ACP-logins and browser revision. Created cause I couldn't find any other IP-tracking utility within phpbb besides the poster_ip. I wanted to keep a log of all visitors not just posters. - fantastic for barring and identifying bad users

and yes they still get through, the ones that do are manual operators in which case barring of the ips usually suffice, if they were teched up they would be using software with variable ip.

More than happy to expand.

Peace

A Human
A Human
 
Posts: 29
Joined: Mon Mar 12, 2007 5:53 am
Location: Australia
Burning Since: 1999


Return to Feature Requests

Who is online

Users browsing this forum: No registered users and 0 guests