DaemonForums  

Go Back   DaemonForums > DaemonForums.org > Feedback and Suggestions

Feedback and Suggestions We want to hear your thoughts and ideas!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 30th May 2009
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 3,318
Default So, 'smokes & the Admin posse...

  • Any continuity observed in the raft of spammers we have seen this past week?
  • Any proposal(s) on how we can thwart these dastardly fiends in the future?
I vote that we send them to Guantanamo Bay & make them write Visual Basic code for the remainder of their natural lives...

Reply With Quote
  #2   (View Single Post)  
Old 30th May 2009
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default

http://www.nytimes.com/2009/01/22/us...itmo.html?_r=1

We could always just send them to your house ocicat..
Reply With Quote
  #3   (View Single Post)  
Old 1st June 2009
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default

If we are getting spammed on a daily basis, we can turn on moderation of posts of new members.

That way posts of newly joined members will have to be approved by an administrator before they will be visible for on the board.After a new member has posted one or two approved messages, moderation can be turned off.

This is a slight inconvenience but if it will be explained as an anti-spam measure in the welcome message for new members, I don't think it will meet much resistance
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #4   (View Single Post)  
Old 1st June 2009
Beastie Beastie is offline
Daemonology student
 
Join Date: Jan 2009
Location: /dev/earth0
Posts: 335
Default

IMHO, this WOULD be frustrating for new members. If you post something useful or ask for a solution, you want it to appear on the forums ASAP, not hours later.

Isn't it possible to automatically filter new members' posts for spam, block anything containing URLs or words related to the "sexology" and "pharmacology" jargons, and report them to an administrator?
__________________
May the source be with you!
Reply With Quote
  #5   (View Single Post)  
Old 1st June 2009
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default

Beastie, like a famous Dutch soccer coach said: "Each advantage has it's disadvantage"

The advantage of moderation is that the already joined members (the majoritiy) won't ever see any spam, while the newly joined members (a minority) experience a small lag before their post becomes visible.

Maybe CarpetSmoker, who is more familiar with the Vbulletin software,then me, could explain which other possible options would be.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #6   (View Single Post)  
Old 1st June 2009
ohauer ohauer is offline
Port Guard
 
Join Date: May 2008
Location: germany
Posts: 32
Default

Maybe it also helps to stop spam by blocking tinyurl's in the footer and the message self.

If you try to moderate only the first messages from a new member you cannot see the custom footer which can point to spam site with an tinyurl link.

For example see footer of nimbimumpipsy.
Reply With Quote
  #7   (View Single Post)  
Old 1st June 2009
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243
Default

There are two things that first spring to mind:

o Update the forum, this hasn't been done in a while because it's quite some work to properly merge custom changed.

o Set some restrictions for new members such as inability to edit posts, larger delay between posts, etc. for new users (until they posted ~10 posts) -- This is what freebsd forums does for example, it doesn't stop spam, but it does make it harder for a single spambot to make 40 posts.

I don't have any time during the week, but I don't have any plans for the weekend .... Guess I just made some

Quote:
I vote that we send them to Guantanamo Bay & make them write Visual Basic code for the remainder of their natural lives...
I can relate to sending them to Guantanamo, but writing Visual Basic ... That just inhuman!
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
  #8   (View Single Post)  
Old 1st June 2009
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default

Can you modify the registration form? Some uniqueness will stop a few of the automated scripts.. perhaps have new users confirm their password three or four times instead of the default of two.

A little bit of PHP and HTML knowledge should be enough to find a way to break simple scripts.. the rest of the vermin can be squashed with Carpetsmoker's left boot.
Reply With Quote
  #9   (View Single Post)  
Old 12th June 2009
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243
Default

We use ReCAPTCHA for the registration form, this is not something we need (Or can) update, since it's sourced from the ReCAPTCHA site and updated there.
AFAIK ReCAPCHA is one of the better CAPTCHA systems today.

Quote:
Can you modify the registration form? Some uniqueness will stop a few of the automated scripts.. perhaps have new users confirm their password three or four times instead of the default of two.

A little bit of PHP and HTML knowledge should be enough to find a way to break simple scripts.. the rest of the vermin can be squashed with Carpetsmoker's left boot.
Not really, many bots are pretty "generic" ... And there are also humans breaking CAPTCHAs for spambots.

What I would really like is a (basic) content-based spamfilter, something like this for example:
http://www.vbulletin.org/forum/showthread.php?t=131568

As a sidenote, in another thread (Can't remember which) and also in some post reports it was mentioned that this is starting to look like BSDForums, I can see where that is coming from, but I would like to note two key differences:

o Spam is actually being removed, note that on BSDForums the moderators has to individually move every single post a spammer made to a hidden forum called /dev/null -- So if a spambot posted 20 posts then they had to move 20 posts -- do'h! Even worse, they were unable to ban the spambot, there were spambots with hundreds of posts (I believe ocicat kept scores for a while).
On this forum an Admin just has to select one post from a spambot, opt to delete all posts made by this user and opt to ban the user, click on the button and it's done! Once a spambot is noticed it's a matter of seconds to clean it up.

o Things are being done to stop the spam from happening at all ... I know things are moving rather slowly, but at least they are moving.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
Old 12th June 2009
ohauer ohauer is offline
Port Guard
 
Join Date: May 2008
Location: germany
Posts: 32
Default

Maybe this service is also useful, projecthoneypot.org.

If you search for 'projecthoneypot+vbulletin' you can find some good articles.
Reply With Quote
Old 12th June 2009
DutchDaemon's Avatar
DutchDaemon DutchDaemon is offline
Real Name: Ben
Spam Refugee
 
Join Date: Jul 2008
Location: Rotterdam, The Netherlands
Posts: 336
Default

I know it's a chore, but I check every signup to fbsd forums against stopforumspam.com (well, not manually, a script). I usually nick 4-6 spammers a day, during registering.
Reply With Quote
Old 12th June 2009
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243
Default

Good tip Ben, I'll be sure to check that out!

You should be able to use stopforumspam.com fully automated, simple python/php/perl script to fetch all user registered in the last n hours, and then loop over them checking against http://www.stopforumspam.com/search?q=<QUERY>.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
Old 12th June 2009
DutchDaemon's Avatar
DutchDaemon DutchDaemon is offline
Real Name: Ben
Spam Refugee
 
Join Date: Jul 2008
Location: Rotterdam, The Netherlands
Posts: 336
Default

Yep, I just have that mailed to me. I use procmail to send assorted fields of the signup email from VB (New User email) to a script, which tags the username, email address and IP address with 'ok' or 'not ok', depending on the outcome of the query. The email itself should not contain '1 Jan 1980' as the birthday && '1' as the real name. That's a known bot -- block on sight.
Reply With Quote
Old 12th June 2009
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default

We know you're trying your best, perhaps some of us are just recalling scaring memories from the past.

Take care.
Reply With Quote
Old 12th June 2009
DutchDaemon's Avatar
DutchDaemon DutchDaemon is offline
Real Name: Ben
Spam Refugee
 
Join Date: Jul 2008
Location: Rotterdam, The Netherlands
Posts: 336
Default

@Carpetsmoker: SFS has a FF search engine plugin, very handy for quick lookups:
http://mycroft.mozdev.org/search-eng...top+forum+spam
Reply With Quote
Old 12th June 2009
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243
Default

Quote:
Originally Posted by DutchDaemon View Post
@Carpetsmoker: SFS has a FF search engine plugin, very handy for quick lookups:
http://mycroft.mozdev.org/search-eng...top+forum+spam
Thanks, but I don't use firefox.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 04:59 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick