Lewis P Posted December 10, 2006 Posted December 10, 2006 But they can enter numbers, how do you think they enter the CAPTCHA Code?
Tomm Posted December 11, 2006 Posted December 11, 2006 I get spambots attempting to register everyday but I have done some things that have it under control:- Turn on the Email validation option- Set email validation to delete accounts that are unvalidated after 2 days (or whatever time you set, i do 2 days)- Re-word your registration message to tell registering users that there account will automaticly be deleted after 2 days if there registration email is not replyed too etc.. make sure to ad an email address were legit users can email somebody if there is an issue, just in case. - Turn off guest posting (this is really a must these days)- lookup the common email domains of spammers (like @gawab) and at them the ban filter for email addresses, this takes care of most of the heavy ones right away.This seems to work fine, sure you get a human spammer once in a blue moon but my mods get them fast. Also in the other thread here there is a mod that forbids new users from adding url to there post etc..
krang Posted December 12, 2006 Posted December 12, 2006 Since I updated to 2.2 there hasn't been any spambots registering on my board. Good work the new registration code stuff!I disabled the spamaddresses (some *.ru, gawab and these) and nothing is happening any more. :)I turned on the normal code to enter on guest-postings. I never had problems with that but I like to have guest postings enabled.
SactoEric Posted December 13, 2006 Posted December 13, 2006 I've been discussing this topic, specifically this company, with people on another admin forum... One of their FAQ pages has been changed w/in the last day. It used to have a list of around ten URLs as examples to show how their software can defeat image verification. One of those URLs listed was the Peer1 (their own host) support forum. Peer 1 Network was contacted and the site was taken down w/in 24hrs. They weren't too happy about it... Unfortunately, their site is back up already and the only IP address I find resolves to APS Telecom. This host has been contacted as well. No response from them yet. On another note, I've added a few lines to my index.php that looks for the username entered in one of the custom fields, which is common just like "google" being entered into another field. Those registrations aren't allowed & the bot is sent to a blank white page. So far so good...
SactoEric Posted December 13, 2006 Posted December 13, 2006 I just got a repsonse to my email to APS Telecom's abuse address... first, here is some info about them so you can contact them as wellURL: http://www.3fn.netAbuse: abuse@3fn.netResponse from: dmt@0ad.netBotmaster.net sells a software, it doesnt not do any harm. you can kill a person with a knife but its completely legal to sell them. We dont findany reason to stop serving this customer dedicated server.That's a gutsy repsponse from a host considering the possible liability - It can be said that a knife does not have the sole purpose of doing harm. That cannot be said about this software. You would hope that a company would also want to protect their ethics. They don't even seem to care that BM (how appropriate) had their other host (Peer 1) listed as an example of how their software can defeat security measures. So, this host acknowledges and helps facilitate the distribution of this software. Perhaps we should let their other customers know who they're in bed with...
ASFx Posted December 13, 2006 Posted December 13, 2006 It's not legal to sell knives to people who have shown intent to stab someone with it, so it shouldn't be illegal to sell spam software to people who show intent to spam.
dwboston Posted December 13, 2006 Posted December 13, 2006 I was considering the idea of a spambot blacklist, either publicly or among IPB customers. It would be awfully easy to spoof, though, and could end up wreaking havoc. (Does anything other than havoc ever get wreaked?) Anyway, I googed up this Slashsot discussion from 2002. Bad idea. :(
SactoEric Posted December 13, 2006 Posted December 13, 2006 here's some more info someone provided on another forum:Registrant:Triple Fiber Network50 West San FernandoSan Jose, CA 95112US+1.8882106539Fax:+1.8887303812Domain Name: 3FN.NETAdministrative Contact:Medvedeva, Ioulia ***********@0ad.net50 West San FernandoSan Jose, CA 95112US+1.8882106539Fax:+1.8887303812Google 'Ioulia Medvedeva", and the results are interesting. It's a female Russian name.Now, let's google 3FN.NET. There was a link to the contact page, which read:Quote:Corporate Headquarters of 3FN.NET is located in London, UK where we manage the three affiliated offices: USA, Baltic countries and Russia. We use the offshore personnel for accomplishment of the remote administration's tasks and providing online support and consultations.More email addresses to contact:Quote:noc@3fn.netsales@3fn.netsupport@3fn.netabuse@3fn.netGoogle 3fn.net russia and 3fn.net spam - more interesting results. Spamhuntress also has 3fn.net in her sights; this article is the most interesting.I assume you all are on a bunch of different admin forums & since one of us can't cover them all, can we put in a collective effort to notify the forums each of us is on & get this information out there. It is, afterall, in every forum owner's best interest....
ASFx Posted December 13, 2006 Posted December 13, 2006 It's not legal to sell knives to people who have shown intent to stab someone with it, so it shouldn't be illegal to sell spam software to people who show intent to spam.Opps i made a typo there. I should have said it should
SactoEric Posted December 13, 2006 Posted December 13, 2006 Quick update: 3fn.net is tied to Above.Net - uses their datacenter or network (?)Above.Net has in their policies the following: (2) AboveNet customers are responsible for ensuring that they, their customers, and their respective agents and contractors abide by this policy. AboveNet’s customers will be held responsible for all traffic either sent via their connection to AboveNet or sent elsewhere using support services provided via their connection to AboveNet. "Support services" includes hosting websites, electronic mailboxes, telephony gateways, IRC servers, sale of spamming software or other similar services. Customers are also responsible for ensuring that they do not advertise or promote themselves through UBE/UCE.I believe Above.Net is contacting 3fn.net as BM is a direct violation of that policy, even if it is a customer of a customer.Peer 1 already dropped BM, but are somehow linked to 3fn.net & are still looking into the matter... chances are whatever service Peer 1 provides to 3fn.net will be cut off as well...
SactoEric Posted December 15, 2006 Posted December 15, 2006 Everyone, please note:This Hosting Account Has Been SuspendedThe hosting account of this domain has been suspended. The possible reasons for suspension of a hosting accounts are 1. The domain owner not paying the hosting fee. 2. The domain is running some unlicensed script. 3. The domain is involved in a spam complaint. 4. The domain is involved with network abuse actvities. Please contact the support department if you are the owner of this domain.If you are just a member of this site, please contact the domain owner directly. You can find the owner's contact information at whois.net .Get Paid Solutions is NOT the owner of this domain and will not answer any questions concerning this site.:)
princetontiger Posted December 17, 2006 Posted December 17, 2006 Anyone have a viable solution? This spam is very bad and custom profile fields do not work. I am now attempting to use numbers instead.
princetontiger Posted December 17, 2006 Posted December 17, 2006 I can assure you "no"I just did something and haven't had the daily botspam.
Darkside_RG Posted December 27, 2006 Posted December 27, 2006 Everyone, please note::) :blink: sadly botmaster seems to be back up
stef Posted February 12, 2007 Posted February 12, 2007 Ressurrecting an old thread, because it's still pertinent. Don't get bogged down into hassling sites that sell bot software - you're wasting your time (although it might make you feel better).The way I've been dealing with spam has been "mostly" working.(I banned most of Asia-pacific which cut about 75% of all the spam I was getting ... but ignore that for the moment.)I have, and desire, a guest forum. Some people have had difficulty registering, and a forum where guests can post is useful. I don't want to require email verification for everything, because that's very, very easy to fake. It's even easier than captchas. So, I have my guest forum require moderation, so all new posts are invisible until someone approves it or deletes it as spam.What I want is captcha requirements on all guest posts (or of selected groups). Anyone know if there's a mod, or setting for that? I'm currently running 2.1.7, but could easily run 2.2.1.
stef Posted February 15, 2007 Posted February 15, 2007 It's built into 2.2.xNice, I just tested it and it looks great.Now to deal with other skinning issues from that upgrade....
Guest Posted February 15, 2007 Posted February 15, 2007 not really, the more advanced bot software can resolve the captcha's, sure it boots some of them but not all...what really would be interesting is a system like they have on gmail: - people report a post as spam and at a certain number of reports the post is sent to your spam folder.of course to implement this into forum software it would require you to have communication with a central server which would need to have communication with your server for each thread posted so not sure how much of a bandwidth requirement we're looking for, the data which needs to be captured is minimal (emailaddress, subject of thread) but multiplied by the number of threads all forums have this would end up being a lot of megabytes per second.an alternative would be to maintain a bad email-list on a central server which gets updated at regular intervals to your own server, at the moment of registration the person trying to register with an email address gets refused if it's in the list. At the moment the bad email-list gets updated all posts created with that email-address get deleted. might be not as good as first solution, but it's more bandwidth friendly.
Garret Posted February 15, 2007 Posted February 15, 2007 not really, the more advanced bot software can resolve the captcha's, sure it boots some of them but not all...Really :) Nice captcha for example http://www.captcha.ru/captcha/ Also we can use some math expression in captcha( http://www.ibresource.ru/screenshots/%5B755%5D1.jpg ), not only numbers/letters, I saw animated captcha for phpBB(and also used this stuff in my mod AdvancedBotDefence), etc.
wwwdude711 Posted February 22, 2007 Posted February 22, 2007 I had this prob too, but I came up with a good solution. 100% of all SpamBots had the same e-mail (*@ultimatemeasure.info), just by banning it I got ride of all SpamBots forever! (w00t) Hope this'll help you :ph34r:
Watty Posted February 22, 2007 Posted February 22, 2007 Spam bots will always be a fact of life. The better the system gets to blocking them, the better the script kiddies will get to bypassing them. All you can hope for is the ability to minimize them. :thumbsup:
bfarber Posted February 22, 2007 Posted February 22, 2007 I'm afraid any centralized server options are probably not going to happen - we just don't have the resources to maintain something like that.
.Ryan Posted February 22, 2007 Posted February 22, 2007 I'm afraid any centralized server options are probably not going to happen - we just don't have the resources to maintain something like that.I could imagine, but still I don't want my "server" communication with the "master" server and giving it information. Because then that opens up the whole privacy issue of whats its taking out of the database... and blah blah. <_< But right now I maintain this file, http://www.ipsbeyond.com/forums/index.php?...mp;showfile=755Which has a massive list of everything you should ban, I take Spam Bot info off a dummy forum, and it works great. Just enable guest posting and setup a bunch of random forums, and watch the spam trickle in, no security, and then harvest the IPs and I add them to the ban list. ;)
Recommended Posts
Archived
This topic is now archived and is closed to further replies.