SPAM

jahnocli · Post by **jahnocli** » Wed Dec 06, 2006 3:19 pm

For the first time ever, when I logged on to the forum this afternoon (2.15 GMT), there was more spam than genuine content. This is a problem which needs fixing NOW!

dreeko13 · Post by **dreeko13** » Tue Dec 12, 2006 3:06 pm

if you view the member list and order it from the most recently joined members to the the oldies you will see that there are a hell of a lot of new members joining everyday now

and if you then click on the link to their websites you will see that a lot of these links are to some pretty iffy websites

its pretty obvious from doing this that these members are the spammers lying in wait for a spam attack ......ban them now and find a way to stop them re-registering or this forum is doomed

43 "members" registered yesterday and twelve so far today

the most recent two members websites link go to a russian site dedicated to distributing pirated macintosh software and the other goes to a site selling penis enlargement pills........

.....i somehow doubt these members have an interest in animation

artfx · Post by **artfx** » Tue Dec 12, 2006 5:22 pm

The key is not to make things to difficult for the actual users wanting to be here. Remember that Anime Studio is sellig really well and so the larger percentage of new registers may yet be real users or interested viewers. In the CP forums there is a link that tells new Anime Studio users to come here. Of course the recent popularity of AS will attract the chaff with the wheat.

Rasheed · Post by **Rasheed** » Tue Dec 12, 2006 5:27 pm

So we are not only going to get spammers, but trolls as well?

Shudder

artfx · Post by **artfx** » Tue Dec 12, 2006 5:31 pm

Yikes. Now that you mention it, yes it's very possible. If AS becomes as big as Poser... well look at any Poser forum.

cribble · Post by **cribble** » Wed Dec 13, 2006 2:39 am

TROLLS?

Rasheed · Post by **Rasheed** » Wed Dec 13, 2006 12:55 pm

I have noticed that the server seems to be hacked. I have sent a PM to myles and Lost Marble to warn them. The directory insertion was done on November 7, between 09:55 and 10:02 GMT, which indicates a human operator.

No, I will not tell you what this directory is, but the subject is clearly to earn lots of money.

Jus_Me · Post by **Jus_Me** » Thu Dec 14, 2006 1:31 am

easy fix, but no one to do it

Rasheed · Post by **Rasheed** » Thu Dec 14, 2006 1:50 am

Lost Marble has been looking in to this, and wanted to know how I knew about it, and if there was a link elsewhere on the server linking to this unofficial directory. I just used some spidering software to grab forum postings from this forum and stumbled upon this directory.

It has been removed, so I can give you the name of the directory: ringtones. There is a lot of money to be made from ringtones (a highly profitable business, with a lot of shady operators). And if I can spider this unofficial directory, so can Google, and up goes your ringtone website in Google rankings.

bupaje · Post by **bupaje** » Thu Dec 14, 2006 1:52 am

That was a good catch. Something to watch for in the future.

Rasheed · Post by **Rasheed** » Thu Dec 14, 2006 2:20 am

My worries are about how this directory could be inserted. If the server has been hacked, who knows what else is on there in hidden directories, or running in the background? It then will be very hard to purge the server from evil stuff.

This stuff just makes my head ache. Security is an uphill battle of wits and sometimes of brute force, on both sides.

Rhoel · Post by **Rhoel** » Sat Dec 23, 2006 4:21 am

Today has been another bad day for spam, tow bots posting to all topics.

However, all is not bad news.

I have been running a test on my forum - I had the same bots auto-psting past the spam protectiom. I averaged a post a day (my visitor turnover is lower). But ten days after making the changem I have not had one message get through.

I changed the authentication to admin - this seems to neutralise the spambot's auto enail verification routine.

The downside of this is the site administrator has to manually approve or disapprove a sign up. With ASForums 30 sign ups per day, the workload is heavy.

THe problem will be how to share the workload with the moderators - a dummy email account for signups (eg, newmembers@gmail.com) where the moderators share the users name and password, is one solution. THis may generate a new problem - to grant approve may need admin authorisation. But the principal of the moderators looking at the emails is faster than removing 10-20 mesasges autoposted by one bot.

Assuming the spambot programs are posting here as on my site, the biggest advantage is no spam gets through at all.

Rhoel

bupaje · Post by **bupaje** » Sat Dec 23, 2006 7:54 am

Yes, been tough. I have been deleting bathes of 12 britney posts about once per hour for most of the time I've been on the pc today. I don't know enough about phpbb but my old ezboard forum allowed me to assign approval rights and so on -in other words you could create moderators and 'super moderators' with a few more powers.

heyvern · Post by **heyvern** » Sat Dec 23, 2006 12:45 pm

Holy COW!

The spammer has posted in the announcements forum. Can't delete them there. No one is suppose to be able to post there!

Did this guy get admin access somehow? He has some kind of super admin access?

I give up. This sucks.

I hope there is a special place in heck for these backstards.

EDIT:

I think whoever is doing this is checking back. "he" is doing this on purpose because we keep deleting the posts. Just a theory from a paranoid.

-vern

Rhoel · Post by **Rhoel** » Sat Dec 23, 2006 1:52 pm

heyvern wrote:Holy COW!

The spammer has posted in the announcements forum. Can't delete them there. No one is suppose to be able to post there!

-vern

Oops. Sorry Mike.

I have to put my hand up to this one.

The guy had posted to every topic on the site - rather than delete him/it, because those messages were the only ones on their own and therefore movable, I decided to send them to the Spam area where I could add an explainatory note (requesting the banning this account - yes he appears to be a repeat offender, an IP ban is in order as he has had other user names).

But I goofed and didn't set the target directory correctly.

Now this in itself is interesting as I do not have Admin or Mod powers in that area, so in theory, the post shouldn't have been accepted ... this is a bug which I'll have to repost to phpBB as it's a weak-link waiting to be exploited.

But for Mike and the other Mods, my apologies, this is not a spambot or a real security breach, just me on a Saturday evening, thinking about which bar I chill the night out in, being made a fuss of by some young nubile Thai hostesses, etc ... cannot think how any of that caused my mind to wander

Now if I posted a link to the bar where I am likely to go, I'd have to go delete my own post

.

Rhoel