SPAM

General Moho topics.

Moderators: Víctor Paredes, Belgarath, slowtiger

User avatar
jahnocli
Posts: 3471
Joined: Fri Oct 29, 2004 2:13 pm
Location: UK

SPAM

Post by jahnocli »

For the first time ever, when I logged on to the forum this afternoon (2.15 GMT), there was more spam than genuine content. This is a problem which needs fixing NOW!
You can't have everything. Where would you put it?
User avatar
dreeko13
Posts: 187
Joined: Fri Oct 13, 2006 8:29 am
Contact:

Post by dreeko13 »

if you view the member list and order it from the most recently joined members to the the oldies you will see that there are a hell of a lot of new members joining everyday now

and if you then click on the link to their websites you will see that a lot of these links are to some pretty iffy websites

its pretty obvious from doing this that these members are the spammers lying in wait for a spam attack ......ban them now and find a way to stop them re-registering or this forum is doomed

43 "members" registered yesterday and twelve so far today

the most recent two members websites link go to a russian site dedicated to distributing pirated macintosh software and the other goes to a site selling penis enlargement pills........



.....i somehow doubt these members have an interest in animation
User avatar
artfx
Posts: 213
Joined: Sat Nov 11, 2006 10:52 pm
Location: Hollywood
Contact:

Post by artfx »

The key is not to make things to difficult for the actual users wanting to be here. Remember that Anime Studio is sellig really well and so the larger percentage of new registers may yet be real users or interested viewers. In the CP forums there is a link that tells new Anime Studio users to come here. Of course the recent popularity of AS will attract the chaff with the wheat.
----
Terrence Walker
Studio ArtFX
LEARN HOW TO Make YOur Own Animated Film!
Get Video Training to Show You How!
User avatar
Rasheed
Posts: 2008
Joined: Tue May 17, 2005 8:30 am
Location: The Netherlands

Post by Rasheed »

So we are not only going to get spammers, but trolls as well?

Shudder :evil:
User avatar
artfx
Posts: 213
Joined: Sat Nov 11, 2006 10:52 pm
Location: Hollywood
Contact:

Post by artfx »

Yikes. Now that you mention it, yes it's very possible. If AS becomes as big as Poser... well look at any Poser forum. :shock:
----
Terrence Walker
Studio ArtFX
LEARN HOW TO Make YOur Own Animated Film!
Get Video Training to Show You How!
User avatar
cribble
Posts: 899
Joined: Wed Aug 04, 2004 12:42 pm
Location: London, UK
Contact:

Post by cribble »

TROLLS?

Image
--Scott
cribble.net
User avatar
Rasheed
Posts: 2008
Joined: Tue May 17, 2005 8:30 am
Location: The Netherlands

Post by Rasheed »

I have noticed that the server seems to be hacked. I have sent a PM to myles and Lost Marble to warn them. The directory insertion was done on November 7, between 09:55 and 10:02 GMT, which indicates a human operator.

No, I will not tell you what this directory is, but the subject is clearly to earn lots of money.
Jus_Me
Posts: 45
Joined: Wed Dec 14, 2005 10:10 pm
Contact:

Post by Jus_Me »

easy fix, but no one to do it :(
User avatar
Rasheed
Posts: 2008
Joined: Tue May 17, 2005 8:30 am
Location: The Netherlands

Post by Rasheed »

Lost Marble has been looking in to this, and wanted to know how I knew about it, and if there was a link elsewhere on the server linking to this unofficial directory. I just used some spidering software to grab forum postings from this forum and stumbled upon this directory.

It has been removed, so I can give you the name of the directory: ringtones. There is a lot of money to be made from ringtones (a highly profitable business, with a lot of shady operators). And if I can spider this unofficial directory, so can Google, and up goes your ringtone website in Google rankings.
Last edited by Rasheed on Thu Dec 14, 2006 1:52 am, edited 1 time in total.
User avatar
bupaje
Posts: 1175
Joined: Fri Nov 12, 2004 5:44 pm
Location: California
Contact:

Post by bupaje »

That was a good catch. Something to watch for in the future.
[url=http://burtabreu.animationblogspot.com:2gityfdw]My AnimationBlogSpot[/url:2gityfdw]
User avatar
Rasheed
Posts: 2008
Joined: Tue May 17, 2005 8:30 am
Location: The Netherlands

Post by Rasheed »

My worries are about how this directory could be inserted. If the server has been hacked, who knows what else is on there in hidden directories, or running in the background? It then will be very hard to purge the server from evil stuff.

This stuff just makes my head ache. Security is an uphill battle of wits and sometimes of brute force, on both sides.
User avatar
Rhoel
Posts: 844
Joined: Fri Feb 25, 2005 8:09 am
Location: Phnom Penh, Cambodia
Contact:

Post by Rhoel »

Today has been another bad day for spam, tow bots posting to all topics.

However, all is not bad news.

I have been running a test on my forum - I had the same bots auto-psting past the spam protectiom. I averaged a post a day (my visitor turnover is lower). But ten days after making the changem I have not had one message get through.

I changed the authentication to admin - this seems to neutralise the spambot's auto enail verification routine.

The downside of this is the site administrator has to manually approve or disapprove a sign up. With ASForums 30 sign ups per day, the workload is heavy.

THe problem will be how to share the workload with the moderators - a dummy email account for signups (eg, newmembers@gmail.com) where the moderators share the users name and password, is one solution. THis may generate a new problem - to grant approve may need admin authorisation. But the principal of the moderators looking at the emails is faster than removing 10-20 mesasges autoposted by one bot.

Assuming the spambot programs are posting here as on my site, the biggest advantage is no spam gets through at all.

Rhoel
User avatar
bupaje
Posts: 1175
Joined: Fri Nov 12, 2004 5:44 pm
Location: California
Contact:

Post by bupaje »

Yes, been tough. I have been deleting bathes of 12 britney posts about once per hour for most of the time I've been on the pc today. I don't know enough about phpbb but my old ezboard forum allowed me to assign approval rights and so on -in other words you could create moderators and 'super moderators' with a few more powers.
[url=http://burtabreu.animationblogspot.com:2gityfdw]My AnimationBlogSpot[/url:2gityfdw]
User avatar
heyvern
Posts: 7042
Joined: Fri Sep 02, 2005 4:49 am

Post by heyvern »

Holy COW!

The spammer has posted in the announcements forum. Can't delete them there. No one is suppose to be able to post there!

Did this guy get admin access somehow? He has some kind of super admin access?

I give up. This sucks.

I hope there is a special place in heck for these backstards.

EDIT:

I think whoever is doing this is checking back. "he" is doing this on purpose because we keep deleting the posts. Just a theory from a paranoid.

;)

-vern
User avatar
Rhoel
Posts: 844
Joined: Fri Feb 25, 2005 8:09 am
Location: Phnom Penh, Cambodia
Contact:

Post by Rhoel »

heyvern wrote:Holy COW!

The spammer has posted in the announcements forum. Can't delete them there. No one is suppose to be able to post there!

-vern
:D Oops. Sorry Mike.

I have to put my hand up to this one.

The guy had posted to every topic on the site - rather than delete him/it, because those messages were the only ones on their own and therefore movable, I decided to send them to the Spam area where I could add an explainatory note (requesting the banning this account - yes he appears to be a repeat offender, an IP ban is in order as he has had other user names).

But I goofed and didn't set the target directory correctly.

Now this in itself is interesting as I do not have Admin or Mod powers in that area, so in theory, the post shouldn't have been accepted ... this is a bug which I'll have to repost to phpBB as it's a weak-link waiting to be exploited.

But for Mike and the other Mods, my apologies, this is not a spambot or a real security breach, just me on a Saturday evening, thinking about which bar I chill the night out in, being made a fuss of by some young nubile Thai hostesses, etc ... cannot think how any of that caused my mind to wander :roll:

Now if I posted a link to the bar where I am likely to go, I'd have to go delete my own post 8) .

Rhoel
Post Reply