hi all, I know spam bots is nothing new -- but just wondering if anyone has noticed spam bots hitting their forum, coincidentally after the recent phpBB attacks?
Only started happening today, so I'm not sure if it has to do with the recent issues... Just thought I'd let you guys know, and get some feedback!
Gonna have to start banning .ru emails (that's where most of 'em are coming from ) or re-enabling forced e-mail activation.
recent spambots
Forum rules
Temporary forum to obtain support while phpBB.com is offline.
Please use the support forum on phpBB.com
Temporary forum to obtain support while phpBB.com is offline.
Please use the support forum on phpBB.com
- A_Jelly_Doughnut
- Registered User
- Posts: 1780
- Joined: Wed Jun 04, 2003 4:23 pm
Re: recent spambots
We started seeing reports about this a week or two ago, so the incidents are unrelated.Only started happening today, so I'm not sure if it has to do with the recent issues... Just thought I'd let you guys know, and get some feedback!
A_Jelly_Doughnut
-
- Registered User
- Posts: 39
- Joined: Thu Mar 02, 2006 7:30 pm
Re: recent spambots
Latest batch of spam registrations. All in the last two days and usually with phony gmail addresses.
plarlyNeame, Authemiimmuri, OxiprorgO, Relaideax, Tymnsoocomo, GeriWrefe, Laxqueuew, AntalawUnpalE
It seems that the spam bots have cracked the Olympus registration protection.
Gideon
plarlyNeame, Authemiimmuri, OxiprorgO, Relaideax, Tymnsoocomo, GeriWrefe, Laxqueuew, AntalawUnpalE
It seems that the spam bots have cracked the Olympus registration protection.
Gideon
Re: recent spambots
The ironic thing is... I didn't get no spam bots at all until I updated to 3.0.4 from 3.0.2. I reckon, within 6 hours of updating the spam bots started successfully getting through.
I don't know what was done, but while people were reporting it up to as recent as 2 weeks ago it first started, I personally never had it even then until 3.0.4 was setup. I even increased the captcha complexity... didn't help, so if Olympus Captcha is finally cracked (was only a matter of time really) what's the best way to go from here other than monitoring for spam posts? As we do have guest postings on my forums, prior to having them register.
I don't know what was done, but while people were reporting it up to as recent as 2 weeks ago it first started, I personally never had it even then until 3.0.4 was setup. I even increased the captcha complexity... didn't help, so if Olympus Captcha is finally cracked (was only a matter of time really) what's the best way to go from here other than monitoring for spam posts? As we do have guest postings on my forums, prior to having them register.
Re: recent spambots
I would agree with this idea. I've not had any spam registrations atall under 3.0.2, and have been meaning to upgrade for quite a while.Daworm wrote:The ironic thing is... I didn't get no spam bots at all until I updated to 3.0.4 from 3.0.2. I reckon, within 6 hours of updating the spam bots started successfully getting through.
Only last Friday did I upgrade from 3.0.2 to 3.0.4, and now I'm getting spam registrations, and was wondering why the CAPTCHA was not preventing them!
Re: recent spambots
It has been noted that changing the noise level to both the foreground and background of the CAPTCHA is holding them off.
They are probably only breaking the default noise levels.
Do note that changing those levels can make it harder for humans too, so it is a trade off.
One other option, in the KB's is an article where you can use the custom profile fields as an anti-spammer system.
A copy of the KB is here for while phpBB.com is down.
They are probably only breaking the default noise levels.
Do note that changing those levels can make it harder for humans too, so it is a trade off.
One other option, in the KB's is an article where you can use the custom profile fields as an anti-spammer system.
A copy of the KB is here for while phpBB.com is down.
Starfoxtj Toolkit
ASAP member since 2004 - MS MVP (Windows Security) member since 2005
Live phpBB3 Forum
ASAP member since 2004 - MS MVP (Windows Security) member since 2005
Live phpBB3 Forum
Re: recent spambots
... or you could install primes Anti spam MOD I have uploaded it here http://mronion.me.uk/Prime_Anti-bot.zip
Re: recent spambots
Another option is to do what we have done at both phpBB.com and here at area51, use the moderation for xx posts after a member is activated.
Just that first post needing to be accepted by a moderator is enough to catch the spammers.
Just that first post needing to be accepted by a moderator is enough to catch the spammers.
Starfoxtj Toolkit
ASAP member since 2004 - MS MVP (Windows Security) member since 2005
Live phpBB3 Forum
ASAP member since 2004 - MS MVP (Windows Security) member since 2005
Live phpBB3 Forum
- CTCNetwork
- Registered User
- Posts: 65
- Joined: Thu Mar 18, 2004 9:41 pm
- Location: Nottingham
- Contact:
Re: recent spambots
Hi,
Might be worth noting that a number of spammer type registrations register on forums and never bother to return following registration. Not sure that this may be because I have Admin activation/validation turned on, but I get quite a few accounts created which look real enough (Ok IP address for registration, ok email address etc) but never visit once validated/activated...
That they don't revisit maybe a good thing, but if that is the case and they activate their account and never visit, you'll not catch them with the post moderation technique..
Maybe they are preparing the ground for future attacks or other badness.. One wonders...
Des. . .
Might be worth noting that a number of spammer type registrations register on forums and never bother to return following registration. Not sure that this may be because I have Admin activation/validation turned on, but I get quite a few accounts created which look real enough (Ok IP address for registration, ok email address etc) but never visit once validated/activated...
That they don't revisit maybe a good thing, but if that is the case and they activate their account and never visit, you'll not catch them with the post moderation technique..
Maybe they are preparing the ground for future attacks or other badness.. One wonders...
Des. . .
Density:- Not just a measurement~Its a whole way of Life.! ! !
Uninvited PM's are Deleted. Uninvited IM's - You get a warning - and get blocked. Capiche?
Uninvited PM's are Deleted. Uninvited IM's - You get a warning - and get blocked. Capiche?
Re: recent spambots
Remember you can prune the membership with different settings, such as over 3 months with zero posts.
If you feel a member who registers and never posts in the first week is never going to return, you could just prune all those away.
If you feel a member who registers and never posts in the first week is never going to return, you could just prune all those away.
Starfoxtj Toolkit
ASAP member since 2004 - MS MVP (Windows Security) member since 2005
Live phpBB3 Forum
ASAP member since 2004 - MS MVP (Windows Security) member since 2005
Live phpBB3 Forum