Site  •  Wiki  •  FAQ  •  Login

Spam/Ad bots

<<

KooKsTeR

User avatar

Posts: 34

Joined: June 26th, 2009, 11:47 pm

Post October 27th, 2009, 12:05 am

Spam/Ad bots

so whats up with the spam/ad bots that keep hitting the site? is anything being done about them?
<<

IskatuMesk

User avatar

Posts: 153

Joined: June 6th, 2009, 8:59 pm

Post October 27th, 2009, 11:03 am

Re: Spam/Ad bots

[11:02] Ascherzon: bots are really going to town on modcrafters
[11:02] Ascherzon: it's amazing
[11:02] Ascherzon: it's like watching mold grow
Image
<<

Lavarinth

User avatar

Posts: 40

Joined: June 6th, 2009, 12:28 am

Location: San Diego, CA

Post October 27th, 2009, 11:05 am

Re: Spam/Ad bots

This is hilarious. Thanks to Isk's IM I had to just login and check this out.
<<

Hercanic

User avatar

Site Admin

Posts: 478

Joined: June 6th, 2009, 12:25 am

Location: Korea

Post November 6th, 2009, 10:34 pm

Re: Spam/Ad bots

So far, this is the list of spambots I've purged. Care to guess where most of the IPs are from? =o)

ds80240redft		221.6.135.66		fdjbjhb@tom.com
smilss21 219.133.122.67 smilss21@chongsoft.com
ds87943redft 221.6.135.66 fdjbjhb@tom.com
Ainsimmeda 194.8.75.145 speefetaw@2008votedsites.net
enluxury0123 124.193.170.34 leqinruiheng@aol.com
vip1863 58.217.225.208 vip1863@sohu.com
Maziro8132 203.194.153.226 sotooi@chongsoft.org
Waojoke1219 118.142.28.210 jowoke@wormseo.cn
Antememot 195.2.240.203 grierpofe@gmx.com
szr2000 221.221.35.81 shenzhirui160@163.com
ghij223 117.8.123.71 shenbing173@wpmu.org.cn
bestugg20 117.26.74.248 bestuggboots11@gmail.com
oo178372 124.193.170.146 china6290@gmail.com
mpgr513i 124.193.170.146 hbhdshilonghu@gmail.com
o243915 124.193.170.146 television751@gmail.com
SpoorpMup 89.248.172.98 pikatorov1298@gmail.com
gold3229 124.128.105.110 andelinee2@gmail.com
ou62505 124.193.170.146 kinggreen123@gmail.com
wat23912 124.193.170.146 zhangming134@gmail.com
BELTS25452 110.43.63.4 beltsusa@gmail.com
tree15er366 124.193.170.146 sfsfsdsd@gmail.com
mialslk301 124.193.170.146 hongxiaoxiao@gmail.com
Inpully 204.124.182.252 jansuto+ea@gmail.com
vwxy584 60.163.56.71 haibonet09@gmail.com
efgh072 61.49.180.121 nikeshox160@gmail.com
mary 121.247.194.226 marysaint7@gmail.com
Smeablezems 91.214.45.92 jeadabuhbuh@gmx.co.uk
dhkdemfprla 118.41.77.190 dhkdemfprla100@yahoo.co.kr
leinqueoi123 124.193.170.162 hdzhulukang@gmail.com
erepqiki0123 124.193.170.162 hbdongqing@gmail.com
<<

TassadarZeratul

User avatar

Posts: 288

Joined: June 7th, 2009, 1:00 am

Location: Behind myself

Post November 7th, 2009, 7:25 am

Re: Spam/Ad bots

There's another one. Our newest member is clearly a bot based on the username.

EDIT: And I can't guess.
Image
<<

Hercanic

User avatar

Site Admin

Posts: 478

Joined: June 6th, 2009, 12:25 am

Location: Korea

Post November 7th, 2009, 12:16 pm

Re: Spam/Ad bots

It is pretty easy to spot them, it's just catching them in time.
<<

TassadarZeratul

User avatar

Posts: 288

Joined: June 7th, 2009, 1:00 am

Location: Behind myself

Post November 7th, 2009, 4:15 pm

Re: Spam/Ad bots

Just so you know, the account "apos" is not a bot.
Image
<<

UnusedUpgrade60

User avatar

Posts: 81

Joined: June 25th, 2009, 12:50 pm

Location: You don't even want to know.

Post January 18th, 2010, 10:56 am

Re: Spam/Ad bots

Yeah, where are the IPs from? By the way, WTF is your avatar, TZ?
<<

Hercanic

User avatar

Site Admin

Posts: 478

Joined: June 6th, 2009, 12:25 am

Location: Korea

Post January 18th, 2010, 1:20 pm

Re: Spam/Ad bots

Q: Care to guess where most of the IPs are from? =o)
A: For those who fail at WHOIS, the answer is China.
Click here to show the answer!
<<

bajadulce

Posts: 102

Joined: June 7th, 2009, 2:53 pm

Location: Santa Cruz, CA

Post February 6th, 2013, 5:25 pm

Re: Spam/Ad bots

I notice new registration is turned off on the site?

I recently converted over to phpBB3 for my forums as well and struggled w/ a horrendous bot issue in the infant stages of forum. Image captcha just doesn't do what it supposed to do. Maybe back in 1998 it worked great, but it's outlived its time. Every spam bot out there can read the goofiest and blurriest of images with ease. Image captcha only hinders humans! :lol:

Single word security questions seem to eventually get brute force cracked. And if you use a super unique answer, there's a good chance your target audience won't be able to solve it. So we have begun using a security question that entails a string of characters (including blank space etc) that bots have yet to crack. The answer to the question is also stored right there in the banner clear as day! We have turned off all "captcha" and even email validation w/o any issues over the past month this has been implemented. You might stop in the forum and check out the process for yourself.

Hate to see these boards' membership stagnant like this. There are new ppl out there, that I'm sure would like to contribute to this forum.

For the past few years, we too have had new registration set to private request only and experienced almost zero growth as would be expected. Just wish had taken steps like the one we have implemented now then.
<<

Hercanic

User avatar

Site Admin

Posts: 478

Joined: June 6th, 2009, 12:25 am

Location: Korea

Post February 18th, 2013, 7:57 am

Re: Spam/Ad bots

Yeah, registration has been closed off for quite a while now. I'd need to fix up a few things on the backend before I can reopen registration. To be honest, I wasn't sure how much interest there was.

I can attest to the effectiveness of customized, community-specific security questions. I had resounding success with it on a board my wife runs, dropping bot registrants down to zero for the past three consecutive months.

Out of curiosity, why the switch from vBulletin to phpBB?
<<

bajadulce

Posts: 102

Joined: June 7th, 2009, 2:53 pm

Location: Santa Cruz, CA

Post February 19th, 2013, 12:38 am

Re: Spam/Ad bots

Does your wife's forum use a single word password? And it must be very unique? I'm using a 2 word phrase at the 2 sites (toyotamotorhomes and bwai) which is comprised of pretty generic words i.e. "since 2004". Here, the bot would have to include the "space" as well. So just some additional ideas to throw your way that wouldn't require a lot of head scratching in terms of coming up w/ some "unique" question/answer. It doesn't have to be unique or tricky, just effective.

@ interest
No, probably not a lot you're right. The few that are, might just be looking for easy answers to some basic questions answered a thousand times over OR they could be that one gem with something mind-blowing revolutionary to contribute and just the spark to ignite the interest for others to follow. It is very apparent that the current modding scene (the ones outside of our family of "known" veterans who have long vanished) all use your site and ours as an archive of knowledge and reference for their projects. All of this undocumented "activity" by these individuals has surely lead to discoveries that could contribute to that never ending desire for more modding options. Regaining access tho is step 1.

@ vbulletin
We converted from a "loaned" version of InvisionPowerBoards that ran the forum from day1. In Nov 2012, a huge security hole was exploited in IPB and forums everywhere were soon infected w/ malware and flagged by Google. Ours was one of those. We had no means to "update" (at least legally), and so it was decided the open source software phpbb3 was the best choice rather than update the pirated software. The switch wasn't easy, and many wanted to just start over. In the end, the boards were converted and I learned a few things during the process.

You're in Korea now? You and wife were teaching English in Japan before this right? How long has that been? Wow, time zips by.
My nephew who incidentally got me into Starcraft around 1998ish when he was 10, has since graduated from UCSanta Barbara and is in the Army stationed in Korea for the next 2 years. He's 25 now. :lol: This fact alone would seem to suggest it might be time to hang it up on Starcraft... so you'd think.
<<

Hercanic

User avatar

Site Admin

Posts: 478

Joined: June 6th, 2009, 12:25 am

Location: Korea

Post February 19th, 2013, 4:55 pm

Re: Spam/Ad bots

The answers themselves are extremely simple, usually one character, but the question is randomly selected from a bank of several. I'll share my thought process about writing them:

  1. Must have a simple answer, with virtually no unexpected deviations. The easiest type of question to think up that fulfills this requirement are mathematical word problems.

  2. Do not directly state the answer within the question itself. There must be some amount of missing information that you can be reasonably certain any human being will understand, or the answer must be hidden behind a human-obvious logical puzzle. Example: "what is the acronym for the ModCrafters community? (the particular capitalization is intentional)"

  3. If you put the question into Google, it shouldn't turn up the answer. I accomplish this by first making the question "obscure", then by making it "long". With too many search terms, Google won't turn up anything useful. A helpful way to add length without confusing a human is to put in a sort of (Hint: ) or (Tip: ) that clarifies the question for a human while also giving Google too much to search for. Obscurity can best be achieved by making the question dark, funny, or specific to your community.

  4. Here's one of the questions I wrote as an example to illustrate all of the above concepts: "If the mob breaks six of the shopkeeper's fingers, how many functional fingers does he have left? (Assume he had normal hands, and thumbs count as fingers.)" As you can see, it's obscure because of its dark humor, it's a word problem involving something all people have (hands), yet it's missing the obvious fact that people have ten fingers, and length is added with the parenthetical clarification about thumbs.

Invision? I could have sworn you were using vBulletin. Huh. Are they really that similar nowadays, or am I just blind?

Yep, in Korea. Before that, Japan. We were in Japan for a total of 3 years, and we have been in Korea for about nine months now.
<<

bajadulce

Posts: 102

Joined: June 7th, 2009, 2:53 pm

Location: Santa Cruz, CA

Post February 19th, 2013, 8:00 pm

Re: Spam/Ad bots

That's cute and creative. I like the dark nature too a lot! :)

Is your answer a 2 part string or a single phrase? i.e. "4 fingers" and not "4" or "four" as those might be brute forced by the bot. Pure numerical strings would seem especially vulnerable.

One thing about trivia questions of this type is that they are prone to cultural bias (think of a Korean guy answering your question). Something even as simple as finger breaking or the mob might seem completely obvious to you and I, but absolutely dumbfound a person with English as a second language. And while it's true an ESL member might not be able to communicate as effectively w/ the forums' member base as a native English speaker would, they still might have plenty to contribute. Myself, I consider to be damn near fluent in Spanish and yet find myself lost all the time in conversations dealing with native culture or anything remotely slang.

Bots will only get stronger that's for certain. Technology bestows technology. Things have been and are evolving at a rapid pace when it comes to computers.
<<

Hercanic

User avatar

Site Admin

Posts: 478

Joined: June 6th, 2009, 12:25 am

Location: Korea

Post February 20th, 2013, 8:49 am

Re: Spam/Ad bots

It's just the singular number. I'm not too concerned about brute force because the question itself is randomized. Naturally, anyone could script a custom bot for your forum, so this approach would never work for something big like Facebook. However, for us small, two-bit operations, obscurity is our greatest asset.

As for the cultural divide, yes, this was something I considered, but I also took into account the type of community my wife runs, and for her it works. For something more international like BWAI, you'll need to be extra lateral in your thinking to accommodate your audience.

Return to What's up?

Who is online

Users browsing this forum: No registered users and 2 guests

cron
phpBBST Software