Hello,
Just so you know, chello.pl (quite popular ISP in Poland) isn't very quick when it comes to replying to emails about abuse.
I have also checked a few phpbb forums (in Poland) and there is no sign of user funtklakow.
There are quite a few zombies in this network
Whois FuntKlakow
Forum rules
Please do not post any "phpBB" specific topics here unless they do not fit into the category above.
Do not post bug reports, feature or support requests! No really... Do not post bug reports, feature or support requests! Doing so will make Bertie a very sad bear indeed. :(
Please do not post any "phpBB" specific topics here unless they do not fit into the category above.
Do not post bug reports, feature or support requests! No really... Do not post bug reports, feature or support requests! Doing so will make Bertie a very sad bear indeed. :(
Re: Whois FuntKlakow
Maybe I have become paranoid. On or about Feb. 24 a user named Cepelin , same MO as Funt is running the same script. Even the same words in the few posts it has left behind.
One person or a group . google Cepelin and see the same patterns.
~~~
add:
funt is pushing mybigproxy
cepelin is pushing trafficgorilla in their sigs
like they are trying to draw hits by their harassment of phpbb
One person or a group . google Cepelin and see the same patterns.
~~~
add:
funt is pushing mybigproxy
cepelin is pushing trafficgorilla in their sigs
like they are trying to draw hits by their harassment of phpbb
Re: Whois FuntKlakow
I think it's just being used to spam!!
http://www.psprimed.com/forum/viewtopic ... hlight=#59" target="_blank
Have a look at its signature.
http://www.psprimed.com/forum/viewtopic ... hlight=#59" target="_blank
Have a look at its signature.
-
- Registered User
- Posts: 2
- Joined: Mon Mar 20, 2006 2:59 am
Re: Whois FuntKlakow
I did some checking on this FuntKlakow, too, and I think it's most likely a board spammer. I looked at quite a few posts on different forums and they all had links -- looked to me like he/she/it is posting to get their links in. The posts contain phrases similar to phrases used by blog comment spamming bots. Stuff like "Couldn't have said that better", "Wow, that is cool!", "Oh, how nice."
To those of you with forums where FuntKlakow registered -- I wondered -- do you have visual confirmation enabled? Would a bot be able to bypass visual confirmation?
And do you have user confimation, or admin confirmation for new registrations?
FuntKlakow hasn't hit my forum, but I banned the username and email address just in case it tries.
I don't think it's a planned mass attack, at least I hope not. I think it's a board spammer. At my forum, we used to have a lot of bot registrations with spammy homepage links - links to porn sites, funky search sites, and so on. Once we got visual confirmation set up, no more bots.
At any rate, everyone would be advised to make sure their board software is updated, patched, and that your hosting company is using the latest php version and is using good security practices. I've seen a lot of compromised sites recently, some on php forums/sites, some not, where hackers used an sql injection to insert iframe links to sites running exploits, like the WMF exploit, or hacked the site to set up a phishing site. Sorry to go a litte OT, but it's truly alarming to see so many normal, good sites being hacked and used for nefarious purposes.
To those of you with forums where FuntKlakow registered -- I wondered -- do you have visual confirmation enabled? Would a bot be able to bypass visual confirmation?
And do you have user confimation, or admin confirmation for new registrations?
FuntKlakow hasn't hit my forum, but I banned the username and email address just in case it tries.
I don't think it's a planned mass attack, at least I hope not. I think it's a board spammer. At my forum, we used to have a lot of bot registrations with spammy homepage links - links to porn sites, funky search sites, and so on. Once we got visual confirmation set up, no more bots.
At any rate, everyone would be advised to make sure their board software is updated, patched, and that your hosting company is using the latest php version and is using good security practices. I've seen a lot of compromised sites recently, some on php forums/sites, some not, where hackers used an sql injection to insert iframe links to sites running exploits, like the WMF exploit, or hacked the site to set up a phishing site. Sorry to go a litte OT, but it's truly alarming to see so many normal, good sites being hacked and used for nefarious purposes.
Suzi
SpywareWarrior.com
SpywareWarrior.com
-
- Registered User
- Posts: 12
- Joined: Thu May 26, 2005 3:24 am
Re: Whois FuntKlakow
The main thing i'm wondering is whether or not any of you who have had this person register at your forum have visual confirmation running?
This seems to be a bot that is registering, but if that is the case how is he bypassing the visual confirmation?
BTW I have VC enabled on my forum and havent had this person reg yet, but then again i dont have a huge forum either.
This seems to be a bot that is registering, but if that is the case how is he bypassing the visual confirmation?
BTW I have VC enabled on my forum and havent had this person reg yet, but then again i dont have a huge forum either.
- rsrikanth05
- Registered User
- Posts: 1
- Joined: Mon Jan 02, 2006 8:16 am
- Contact:
Re: Whois FuntKlakow
same thing happened at my forums...
have you guys read this-http://blogs.forumer.com/entry.php?w=Pe ... e_id=31848
have you guys read this-http://blogs.forumer.com/entry.php?w=Pe ... e_id=31848
-
- Registered User
- Posts: 2
- Joined: Mon Mar 20, 2006 11:40 am
Re: Whois FuntKlakow
8) well....g'day g'day..seems our buddy here is making a nuisance of him/herself
landed on one of my sites I manage:
http://www.stephensutton.com" target="_blank
and it's forum:
http://www.stephensutton.com/ssforum" target="_blank
so the general consensus is to delete the existance of this dood hmm..
email i got for reg was:funtklakow@socialinfohub.com
bye all
phill-littleozzy
http://www.fairbloodydinkum.com" target="_blank
http://www.littleozzybloke.com" target="_blank
landed on one of my sites I manage:
http://www.stephensutton.com" target="_blank
and it's forum:
http://www.stephensutton.com/ssforum" target="_blank
so the general consensus is to delete the existance of this dood hmm..
email i got for reg was:funtklakow@socialinfohub.com
bye all
phill-littleozzy
http://www.fairbloodydinkum.com" target="_blank
http://www.littleozzybloke.com" target="_blank
Re: Whois FuntKlakow
spefenprof.org Forum Index
Author Message
Topic: A tua participação é indispensável. Contamos contigo!
Cepelin
Replies: 1
Views: 258
PostForum: Quadro de Referência da Língua Portuguesa Posted: Thu Feb 23, 2006 4:22 pm Subject: A tua participação é indispensável. Contamos contigo!
I agree with you completely.
_______________
[url=http://www.trafficgorilla.net/]Webmasters, click here for more traffic!
~~~
At least we know the bots do not read Portuguese.
Author Message
Topic: A tua participação é indispensável. Contamos contigo!
Cepelin
Replies: 1
Views: 258
PostForum: Quadro de Referência da Língua Portuguesa Posted: Thu Feb 23, 2006 4:22 pm Subject: A tua participação é indispensável. Contamos contigo!
I agree with you completely.
_______________
[url=http://www.trafficgorilla.net/]Webmasters, click here for more traffic!
~~~
At least we know the bots do not read Portuguese.
-
- Registered User
- Posts: 2
- Joined: Mon Mar 20, 2006 11:40 am
Re: Whois FuntKlakow
neither do i mate but thats cool...i get the drift of it all..
us orstralyans might be a bit slow..but we catch on eventually..
take care,
littleozzy 8)
us orstralyans might be a bit slow..but we catch on eventually..
take care,
littleozzy 8)
Re: Whois FuntKlakow
Like most of you here im a concernd phpbb admin. (http://www.alientrap.org/forum" target="_blank)
I have not yet had this FuntKlakow register, and want to trow out a lil question: Do you ppl that have had this FuntKlakow reigister at yer forums use the Visual Confirmation option? I have it enabled and no FuntKlakow sofar. From what i have read here it looks like we are dealing with somekinda bot with purpose still unknown, so unless it is very advanced, or reaylay unsucsessfull regitrations for human proccessing, i think the visual confirmation can stop it.
I have not yet had this FuntKlakow register, and want to trow out a lil question: Do you ppl that have had this FuntKlakow reigister at yer forums use the Visual Confirmation option? I have it enabled and no FuntKlakow sofar. From what i have read here it looks like we are dealing with somekinda bot with purpose still unknown, so unless it is very advanced, or reaylay unsucsessfull regitrations for human proccessing, i think the visual confirmation can stop it.