Spammers & bots

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Pete Mack
    Prophet
    • Apr 2007
    • 6883

    Spammers & bots

    After the massive pr0nspam attack yesterday, I took a look at the new members list.

    It's pretty clear this site is under moderately heavy attack by bots--there are an insane number of new 'members' with obviously generated names with 0 posts and 0 visits, on order of 10 registrations per day. One of them--apparently a master site--is repeatedly using an R-rated picture as its avatar.

    Pav,
    This is looking rather grim. Can you put some restriction on the composition of user names or something?

    If you like, I'm willing to research the vbulletin boards for possible remedies.
  • Nick
    Vanilla maintainer
    • Apr 2007
    • 9647

    #2
    A partial solution might be to
    1. Include a comment in the registration email to the effect that any account which has no posts and no ladder dumps within a week will be deleted and
    2. Delete any account with no posts or ladder dumps within a week.


    Don't ask for implementation details - I'm more of an idea rat.
    One for the Dark Lord on his dark throne
    In the Land of Mordor where the Shadows lie.

    Comment

    • pav
      Administrator
      • Apr 2007
      • 793

      #3
      Pete, I am aware of those usernames. So far, they havent done any harm, or any activity at all. They were all registered from a single subnet of certain Indonesian ADSL provider, which is rather curious.

      The spam outbreaks are always done by a freshly registered username.

      Deleting accounts is counter-productive, as that allows the spambot second round of spamming. Banning these accounts is better.
      See the elves and everything! http://angband.oook.cz

      Comment

      • Derakon
        Prophet
        • Dec 2009
        • 9022

        #4
        I recommend changing the captcha to something more specific to Angband. I don't think that the bots are specifically targeting this site; they're just scanning for forums they know how to register and post on, and then trying repeatedly to get past the captcha. Change it into something like "What is the first artifact light source most characters find?" (and then doing a regex for "galadriel" on the answer) would probably work pretty well. Or even "What famous fantasy author's work is Angband based on?"

        Heck, one site I use just says "Are you human?"

        Comment

        • SaThaRiel
          Adept
          • Nov 2009
          • 174

          #5
          Yeah, fighting spam(-bots) is not an easy task. I have some success on a forum with a simple math module (well, for phpBB). Its just questioning stuff like "seven plus 3" or "IV minus six" and the like...it seems to work. Maybe this is an idea for this board (if there is a module for vBulletin). The "board topic" related question will work too.
          Captcha and email activation do some good but seem to leak a bit. I dont know why...maybe the bots are good enough.
          Another change i recently made is to put all users into a "newly registered users" group which doesnt allow them to browse the memberlist, pm other members and post directly (posts have to be approved first). They will be put into the usual member group after 2 posts (apporoved ones). I think that you can compare the workload to this forum (also more users but postcount should be similar or just a bit higher). And it consumes maybe 15-20 minutes additional "work" a day.
          Protecting the admin area with an .htaccess file seems to do good too. So many little things can be done. The sum should work well
          Proud candidate for the Angband Darwin Award!

          Comment

          • pav
            Administrator
            • Apr 2007
            • 793

            #6
            Those are solid advices, but I believe the recent spam outbreaks were carried out by a living fleshy human, not by a botnet.

            I would hate to inconvenience newcomers to have to wait a couple of hours before their initial post is approved. I fear that would drive people away from starting to post on here. I already do that thing you mentioned about PMs.
            See the elves and everything! http://angband.oook.cz

            Comment

            • Atarlost
              Swordsman
              • Apr 2007
              • 441

              #7
              You could, though, hold any post with an external url or image by a new poster for moderation.

              So urls that start with andband.ook.cz are allowed through (since the ladder is here) but any other url gets the post in the moderation queue.
              One Ring to rule them all. One Ring to bind them.
              One Ring to bring them all and in the darkness interrupt the movie.

              Comment

              • pav
                Administrator
                • Apr 2007
                • 793

                #8
                Not a bad idea. I will check how hard it will be to implement in vB.
                See the elves and everything! http://angband.oook.cz

                Comment

                • SaThaRiel
                  Adept
                  • Nov 2009
                  • 174

                  #9
                  Hm, and what about having a post delay of some minutes for the second post (after registration - one post direct, 2nd one has to wait)? Mostly people who are interested will post one topic or answer a question maybe - but they seldom post 2 or more times after they registered. So this may help to keep the mass spamming flesh humans away because it takes them too much time (actually they get paid for it).
                  Sure there is the chance that someone wants to post twice and maybe has to wait for 5 minutes. But with a good description this shouldn't be a too big problem for most people. And if its a problem for them then theyre maybe in the wrong forum anyway
                  Proud candidate for the Angband Darwin Award!

                  Comment

                  • pav
                    Administrator
                    • Apr 2007
                    • 793

                    #10
                    Ineffective - the first spam will still get through.
                    See the elves and everything! http://angband.oook.cz

                    Comment

                    • SaThaRiel
                      Adept
                      • Nov 2009
                      • 174

                      #11
                      Well - i dont think that you can fight effective against the first spam, especially when there are human spammers. But it would avoid such a spam attack happened yesterday.
                      Sure its everytime a balance act...keep the board functional for welcome users and make it hard to use for spammers.
                      Maybe people must send a "CV" before able to post Actually i know that there are online games which use to do this.

                      Edit: Oh, before i forget it - disable registrations from mail.ru and others helped. Maybe also from most free email services (googlemail, yahoo, msn and so on). But this is again a "hard" step which may not work to ensure the usability of the forum/community.
                      Proud candidate for the Angband Darwin Award!

                      Comment

                      • fph
                        Veteran
                        • Apr 2009
                        • 1030

                        #12
                        Originally posted by SaThaRiel
                        Edit: Oh, before i forget it - disable registrations from mail.ru and others helped. Maybe also from most free email services (googlemail, yahoo, msn and so on). But this is again a "hard" step which may not work to ensure the usability of the forum/community.
                        I would strongly object to banning free email services in the registration. For an instance, the average high-school student has no other way to get an e-mail address. And even those who have a "work" or "university" e-mail sometimes prefer not to use it on non-work-related sites.
                        --
                        Dive fast, die young, leave a high-CHA corpse.

                        Comment

                        • pav
                          Administrator
                          • Apr 2007
                          • 793

                          #13
                          Okey, I found a plugin that do exactly what we want - stop anything from zero-poster that contains hyperlink. Hope it will not misbehave...
                          See the elves and everything! http://angband.oook.cz

                          Comment

                          • Zikke
                            Veteran
                            • Jun 2008
                            • 1069

                            #14
                            Originally posted by pav
                            Okey, I found a plugin that do exactly what we want - stop anything from zero-poster that contains hyperlink. Hope it will not misbehave...
                            That should probably take care of most of it. Even though there are human spammers that we can't really stop, stopping the bot spammers will take out 95% or more of the spams.
                            A(3.1.0b) CWS "Fyren_V" NEW L:50 DL:127 A++ R+++ Sp+ w:The Great Axe of Eonwe
                            A/FA W H- D c-- !f PV+++ s? d P++ M+
                            C- S+ I- !So B ac++ GHB? SQ? !RQ V F:

                            Comment

                            • buzzkill
                              Prophet
                              • May 2008
                              • 2939

                              #15
                              Oh great! Now where wll I get my 'top notch pornography' and 'genuine Gucci handbags' from?

                              Don't ban the free mail servers. I like having an email address that doesn't change every time I get a new ISP or JOB.
                              www.mediafire.com/buzzkill - Get your 32x32 tiles here. UT32 now compatible Ironband and Quickband 9/6/2012.
                              My banding life on Buzzkill's ladder.

                              Comment

                              Working...
                              😀
                              😂
                              🥰
                              😘
                              🤢
                              😎
                              😞
                              😡
                              👍
                              👎