go_away

Author Topic: Admin just won a victory against forum spam!  (Read 4416 times)

0 Members and 1 Guest are viewing this topic.

Offline AdminTopic starter

  • Administrator
  • Supreme Robot
  • *****
  • Posts: 11,666
  • Helpful? 169
    • Society of Robots
Re: Admin just won a victory against forum spam!
« Reply #30 on: May 23, 2010, 08:51:22 PM »
That won't work.

Back in the day, 90% of the spam accounts came from eastern Europe, specifically the RIPE network. It was actually a joke that if we just removed the RIPE network from the internet, the spam problem would have been solved :P

But last year a lot of the spam shifted and came from China. The RIPE network was no longer a big problem.

And starting this year, it appears to be mostly coming from India. Also, I'm not getting it from quite a lot of random around the world countries, implying its from bot networks or VPNs.

Point being the problem seems to be shifting over time to different countries . . .

Offline dannyboy1121

  • Jr. Member
  • **
  • Posts: 14
  • Helpful? 0
Re: Admin just won a victory against forum spam!
« Reply #31 on: May 24, 2010, 06:01:34 AM »
I appreciate the point about botnets - and being honest, I'm seeing a similar spread recently against my mail server.

Do they connect direct to the forum enrollment page or do they navigate in via the web site. If it's the former then can you deny access based on page referral?

Offline AdminTopic starter

  • Administrator
  • Supreme Robot
  • *****
  • Posts: 11,666
  • Helpful? 169
    • Society of Robots
Re: Admin just won a victory against forum spam!
« Reply #32 on: May 25, 2010, 03:06:32 AM »
Do they connect direct to the forum enrollment page or do they navigate in via the web site. If it's the former then can you deny access based on page referral?
hmmmm sounds like a good idea!

Anyone know php enough to write a script to do this? The forum is written in PHP, so the script would be added at the beginning of the registration page.

That said, its easy for a spammer to work around this - if they are aware of the mod.

Offline Asellith

  • Contest Winner
  • Supreme Robot
  • ****
  • Posts: 648
  • Helpful? 9
  • "I'm a leaf on the wind. Watch how I soar"
Re: Admin just won a victory against forum spam!
« Reply #33 on: May 25, 2010, 06:25:57 AM »
yes but spammers are lazy they will just harass another forum with a lazy admin instead of one who keeps fighting them :)
Jonathan Bowen
CorSec Engineering
www.corseceng.com

Offline dannyboy1121

  • Jr. Member
  • **
  • Posts: 14
  • Helpful? 0
Re: Admin just won a victory against forum spam!
« Reply #34 on: May 25, 2010, 06:44:40 AM »
I guess this is a start?

http://www.vonfelten.com/blog/2007/06/05/referral-url-from-session-using-php/

If someone then attempted URL spoofing or approaching form the correct navigation path, there are probably other things that can be done as well.

Offline AdminTopic starter

  • Administrator
  • Supreme Robot
  • *****
  • Posts: 11,666
  • Helpful? 169
    • Society of Robots
Re: Admin just won a victory against forum spam!
« Reply #35 on: July 20, 2010, 02:40:25 PM »
Just an update to this . . .

On average one spam account per day gets past the SoR defenses (that I can detect).

That said, the anti-spam system I've installed has auto-blocked over 450 fake accounts in the last 2 months, plus an untold number more through blanket IP range blocks . . . sheesh!

Offline Asellith

  • Contest Winner
  • Supreme Robot
  • ****
  • Posts: 648
  • Helpful? 9
  • "I'm a leaf on the wind. Watch how I soar"
Re: Admin just won a victory against forum spam!
« Reply #36 on: July 20, 2010, 02:51:27 PM »
The price of success :) just think what facebook and twitter deal with on a daily basis. Of course they have teams paid to handle that and all we have is one smart but over worked Admin :)
Jonathan Bowen
CorSec Engineering
www.corseceng.com

Offline AdminTopic starter

  • Administrator
  • Supreme Robot
  • *****
  • Posts: 11,666
  • Helpful? 169
    • Society of Robots
Re: Admin just won a victory against forum spam!
« Reply #37 on: July 20, 2010, 02:57:09 PM »
The price of success :) just think what facebook and twitter deal with on a daily basis. Of course they have teams paid to handle that and all we have is one smart but over worked Admin :)

But . . . FaceBook gets rich off of spammers!
http://yro.slashdot.org/article.pl?sid=09/10/30/1713258
http://it.slashdot.org/article.pl?sid=08/11/24/2120250
also interesting:
http://threatpost.com/en_us/blogs/attackers-moving-social-networks-command-and-control-071910

gmail/yahoo/hotmail are the #1 email domains for spam accounts registered on SoR, I blame them for not preventing it. >:(

Offline SmAsH

  • Supreme Robot
  • *****
  • Posts: 3,959
  • Helpful? 75
  • SoR's Locale Electronics Nut.
Re: Admin just won a victory against forum spam!
« Reply #38 on: July 20, 2010, 04:07:48 PM »
So your saying you should sue the spammers? :D
Howdy

 


Get Your Ad Here

data_list