Topic: Spammer Death

Just wondering if there is a means to pass out permissions to the lead government folk and perhaps others in various time zones to allow them to remove/ban nasty folks that fill our beloved board with spam. I volunteer to wreak horrid banning vengeance and extermination of posts on such people. Slightly annoy.

Re: Spammer Death

Oh this is the second time, today. Just plain annoying.

Misty

Re: Spammer Death

Yes, it is annoying, particularly if you speak French and can understand what he/she is saying. We're probably going to need to IP ban them.

This is being dealt with; I've deleted the messages that I can.

Seriously, spammer, grow up.

Last edited by Silent Hunter (2011-03-01 18:36:55)

Re: Spammer Death

Oh believe me, you don't have to speak French to catch the meanings of the words.

Re: Spammer Death

I have likewise deleted the topics that I could that were created by the spammers.

The obvious step is to use one of those "please enter the words in the picture below" the regular prove you aren't a robot thing you generally see on websites. This would be a permanent end to the problem. Deleting the topics as they pop up is only temporary.

~Robert

http://i41.tinypic.com/2q2e0ig.png


Re: Spammer Death

There is the possibility that it is just a Spam Bot, being as the links could have been advertisements. However the same action should be taken as any other situation.


Re: Spammer Death

William Smith wrote:

There is the possibility that it is just a Spam Bot, being as the links could have been advertisements. However the same action should be taken as any other situation.

It is the assumption that it is a spam bot (hence my post above with the "prove you are not a robot" bit).

Seems we have another one on the prowl as we speak.

~Robert

http://i41.tinypic.com/2q2e0ig.png


Re: Spammer Death

I have also discovered that I have the ability to change passwords (something I never noticed before). I don't know if Euan did this intentionally or if it was implemented for Coordinators or what, but I changed the new spammer's password so that they can't log in again to start their new bot.

~Robert

http://i41.tinypic.com/2q2e0ig.png


Re: Spammer Death

RLongtin wrote:

Seems we have another one on the prowl as we speak.

~Robert

I just noticed....

Might be on to something with the whole "proving" point.

Re: Spammer Death

Yep, and I also noticed that while the brand new spambot account and the one from a little while ago are obviously linked (the whole "alasalope was here" bit being the same across both accounts), I've come to find that they are masking their IP address since the IPs are from two different networks.

That means firstly that they are definitely spambots and secondly that the CAPTCHA or similar systems are the only answer.

~Robert

EDIT: By masking their IP I mean they're masking the IP that originates the spam bots - it could be the spam bots are sent as trojans or the like to other IP addresses and are launching them remotely, or it could be that they are using an online service to mask their IP address. Or possibly they have multiple computers on multiple networks triggering spam bot attacks (highly doubtful - if they had those kind of resources I don't think they'd need to resort to spam bots to get advertising).

Last edited by RLongtin (2011-03-01 19:16:05)

http://i41.tinypic.com/2q2e0ig.png


Re: Spammer Death

^ Seconded.

Robert, can you ban people in the admin area or just change passwords?


Re: Spammer Death

Three....three different times. And all three have that "alasalope". And all have been extremely annoying.

Misty

Re: Spammer Death

Currently just change passwords. I've noticed the first bot has been banned, the 2nd one I changed the password on. That seems to have halted their attacks for now. I think the bot logs out and logs back in repeatedly to avoid security token issues, so changing the password stopped it short.

I imagine another new spam bot will hit in the next 10 minutes though if they have a macro that creates new bots over and over.

~Robert

http://i41.tinypic.com/2q2e0ig.png


Re: Spammer Death

Okay he has also been banned now (thanks Euan!)

~Robert

http://i41.tinypic.com/2q2e0ig.png


Re: Spammer Death

I haz the Ban Hammorz so I'm just sitting around waiting for any new accounts


Re: Spammer Death

^^^ Hahahaha! Good on ya, thanks for crushing them out! Be sure not to ban them before their first post (on the off chance it is a legitimate new user - I literally just a few hours ago invited a friend that I haven't talked to in a while, and I can vouch for him not being a spammer!).

~Robert

http://i41.tinypic.com/2q2e0ig.png


Re: Spammer Death

Trololol.

Ok, I'll believe you for now......but remember the man is always watching.....always....


Re: Spammer Death

I thought the spammer might be human. CAPTCHA on sign-up won't stop a human spammer who would then activate the bot when he/she had signed up; it might be an idea to have a further CAPTCHA test every 100 or so posts.

Thanks for everyone's good work in dealing with this.

- Silent

Re: Spammer Death

They've all had emails @fsq1.com. Needless to say, I've banned that domain for all emails. I've also been deleting the spambot accounts when I get online, as it removes all their posts in one fell swoop. Implementing a captcha is something I can do fairly readily, and have now done. Options available on it:

Require a captcha before users may register. This can be helpful to stop spam.
Require a captcha when logging in. Can help stopping brute-force attacks.
Require a captcha for guest posting (if enabled one).
Require a captcha to be entered when users try to reset their passwords.

I've set all bar "log in" to true just now. Also, folk with less than 10 posts are no longer able to have a signature, and cannot put website links in their posts. Hopefully that'll fix things a bit.

-Euan

Re: Spammer Death

Great work, Euan!

Re: Spammer Death

Euan Reid wrote:

Also, folk with less than 10 posts are no longer able to have a signature, and cannot put website links in their posts. Hopefully that'll fix things a bit.

-Euan

That is pure genius!

But here's a question. Say the brute force attack happens and they attempt to put website links in their post, will it prevent the post from going up or will the post appear without links? If it's the former then we are safe, if it's the latter then really it's "after 10 posts it'll start leaking through."

Thanks Euan for all the wonderful magic you perform behind the scenes!

~Robert

http://i41.tinypic.com/2q2e0ig.png
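
The measures described above (the banned mail domain, the 10-post restriction on links, a CAPTCHA on each post during that period) and the question of whether a link post is refused or stored with its links removed, as an added example that is not part of the thread and not the forum software's own code. The `User` class, the link pattern, the function names and the sample addresses are assumptions made for illustration.

```python
import re
from dataclasses import dataclass

BANNED_EMAIL_DOMAINS = {"fsq1.com"}   # the domain banned in the thread
PROBATION_POSTS = 10                  # the post-count threshold from the thread
LINK_RE = re.compile(r"(?i)(?:https?://|\bwww\.)\S+")  # assumed link pattern

@dataclass
class User:
    email: str
    post_count: int = 0

def may_register(email: str) -> bool:
    """Refuse sign-ups from a banned mail domain or any of its subdomains."""
    domain = email.rsplit("@", 1)[-1].strip().lower().rstrip(".")
    return not any(domain == d or domain.endswith("." + d)
                   for d in BANNED_EMAIL_DOMAINS)

def submit(user: User, body: str, captcha_ok: bool, strip_links: bool = False):
    """Apply the probation rules to one post.

    Returns the text that would be stored, or None if the post is refused.
    A refused post never advances post_count.
    """
    if user.post_count < PROBATION_POSTS:
        if not captcha_ok:
            return None
        if LINK_RE.search(body):
            if not strip_links:
                return None
            body = LINK_RE.sub("[link removed]", body)
    user.post_count += 1
    return body

def leaked_links(strip_links: bool, attempts: int = 12) -> int:
    """Count stored posts that still carry a link after repeated link posts
    from one account (constructed worst case: every CAPTCHA is solved)."""
    user = User(email="new.member@example.org")
    stored = [submit(user, f"hello {i} http://ads.example/{i}", True, strip_links)
              for i in range(attempts)]
    return sum(1 for text in stored if text and LINK_RE.search(text))

if __name__ == "__main__":
    print("reject policy:", leaked_links(strip_links=False))
    print("strip policy: ", leaked_links(strip_links=True))
```

Under the reject policy the account never leaves probation, so no link is ever stored; under the strip policy the stripped posts still count toward the threshold and links appear from the eleventh post onward.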


Re: Spammer Death

RLongtin wrote:

That is pure genius!


~Robert

*groan* Can his ego handle this???  big_smile

Misty

Re: Spammer Death

Silent Hunter wrote:

I thought the spammer might be human. CAPTCHA on sign-up won't stop a human spammer who would then activate the bot when he/she had signed up; it might be an idea to have a further CAPTCHA test every 100 or so posts.

- Silent

Right exactly - there is no system that doesn't have its flaws, CAPTCHA having the problem that once the user gets in they can then implement a bot. I mean RSA Encryption which is used to make bank account transactions isn't impossible to hack.

I've done a lot of work in Cryptography and can definitely say that this is really all down to choosing a system that handles our particular problems well. I'll avoid the techno-mumbo-jumbo, but I wasn't really advocating CAPTCHA exclusively:

RLongtin wrote:

That means firstly that they are definitely spambots and secondly that the CAPTCHA or similar systems are the only answer.

(Emphasis added)

Mind you I didn't even mention CAPTCHA until my 3rd post, but I mentioned it then because it's so well known. But we can investigate any number of systems.

However that's not to say CAPTCHA won't work, if you put the short 4-letter CAPTCHA for every post, then it'll absolutely prevent botting - meaning the only way that a person using spam-bots can spam our site with advertising is to do so manually. Since these people are not in the business of doing work themselves, this is almost guaranteed to make them not want to bother with our site.

Now since Euan mentioned that we can have a sort of 10 post trial period, perhaps we could engage the CAPTCHA system for every post until the user has posted 10 times - in this way, the spammer needs to manually make 10 posts which depending on how strong their internet or computing powers are, could take a minute to possibly 10 minutes. We could also include a short bit of text that explains why we have such a system and that it lasts until we can feel certain that the user is not a spammer (so that new users understand the benefit of the system that it will provide to all of us and them). Such text could exist in a disclaimer of sorts when initially signing up (it's doubtful a spammer would read it anyways considering they don't give a hoot about site rules anyways).



It should be clear that one can never dismiss a system as inadequate when dealing with securities. It's all in how you use it. RSA Encryption has more vulnerabilities than Shift Ciphers, Affine Ciphers, and Vigenère Ciphers combined, but what makes it strong is how it is used. I've broken a few RSA Ciphers in my time, but it has taken me around a week to do each one.

RSA Encryptions are changed by banks on a daily basis. Why? Because if they wait much longer, then people who might try to break their ciphers could also infiltrate their system and pass information using their encryption. I could break an RSA Cipher if I wanted to, but by the time I manage to break it, I won't be able to infiltrate the system I broke into because they will have changed their encryption by then.

One-Time Pads are *supposedly* unbreakable, and they are - unless used incorrectly. As the name indicates, it is one-time use only. Using it more than once opens it up to attack.



My idea of CAPTCHA at the end of every post for 10 posts isn't impenetrable any more than RSA is unbreakable. But the idea is to make the notion of getting past our securities not worth a spammer's time and effort. If spammers are persistent and break through, then we raise the bar to 20 posts. If they continue, we keep going until we no longer have spammers that want to break through our securities.

Also note this is but one way to implement a security system against such attacks. I find it highly effective on the psychological front, so it is probably worth considering.

~Robert

Last edited by RLongtin (2011-03-02 19:58:42)

http://i41.tinypic.com/2q2e0ig.png


Re: Spammer Death

Good stuff. I didn't see the bit about you not limiting it to CAPTCHA; my apologies.

- Silent

Re: Spammer Death

Mmm, CAPTCHA. Better'n nothing, though. We should be able to implement a "have to do it whilst posting" thing too.

RLongtin wrote:
Euan Reid wrote:

Also, folk with less than 10 posts are no longer able to have a signature, and cannot put website links in their posts. Hopefully that'll fix things a bit.

-Euan

That is pure genius!

But here's a question. Say the brute force attack happens and they attempt to put website links in their post, will it prevent the post from going up or will the post appear without links? If it's the former then we are safe, if it's the latter then really it's "after 10 posts it'll start leaking through."

Thanks Euan for all the wonderful magic you perform behind the scenes!

~Robert

I'm not sure, actually. I suspect it'd be like when you get an error over posting normally.

mgwtaylor wrote:
RLongtin wrote:

That is pure genius!


~Robert

*groan* Can his ego handle this???  big_smile

Misty

'Course it can. I'm not the egotistical sort. Now, where's my champagne celebration?

-Euan