Spambots

Code of conduct, technical issues and problems, suggestions, and/or complaints

Spambots

Postby Zack Morris » Tue Jan 17, 2012 10:52 pm

My experience suggests the following to be a good idea:

1. Ban *@mail.ru -- this will only stop a fraction of spammers, but I've never seen anything legitimate from this address.
2. Require that new users have their first 1 or 2 (1 is enough) posts moderated. New users are by default added to a New Users permissions group by phpBB and you can control for how many posts they remain there (before being promoted to ordinary users) and whether those posts should be moderated (that is, approved explicitly by the moderator).
3. Use the Q&A filter for registration. You will need to design intelligent questions that a human being will not know the answer to immediately unless he is a member of the target community. Also, make sure the questions are not easily answerable by plugging into Google.

Suggestion 3 is the most effective. You don't want the Members list to become full of inactive spambot accounts (which is what will happen if you only implement idea 2). What we need are some suggestions for questions and answers from other users. The answers should be at most one or two words. For those unfamiliar with how phpBB's Q&A works, the administrator enters questions and multiple responses for each question. Each individual response (a single line) is compared to directly against the user's input. So it's a very "dumb" system that cannot intelligently parse sentences.

I would suggest question/answer pairs like this:

Q:
Which German philosopher, whose name an Asia Times Online columnist used as his pen name for several years, is famous for proposing a cyclical theory of civilization?

A:
spengler
Spengler
oswald spengler
Oswald spengler
Oswald Spengler
oswald Spengler


For something more neutral, you can try this:


Q:
Enter the name of the capital of Japan but with each letter shifted by 1 (e.g. a -> b, g -> h, etc.). Use lower case.

A:
uplzp


Its effectiveness will depend on the laziness of the spammers.
User avatar
Zack Morris
 
Posts: 2600
Joined: Mon Dec 26, 2011 8:52 am
Location: Bayside High School

Re: Spambots

Postby Zack Morris » Tue Jan 17, 2012 10:55 pm

Another alternative is to provide an email for the administrator requiring prospective users to write to for permission to join the board. A few explanatory sentences should be enough to weed out spammers. The administrator could then reply with a password, which would be used as the answer to the question "ENTER THE SECRET PASSWORD".

The problem with this is that it requires work on the part of the administrator. Because forum traffic is currently low, this won't be a problem, but if there are plans to substantially expand the membership, it can become a cumbersome task.
User avatar
Zack Morris
 
Posts: 2600
Joined: Mon Dec 26, 2011 8:52 am
Location: Bayside High School

Re: Spambots

Postby Typhoon » Tue Jan 17, 2012 11:25 pm

Thanks for your suggestions. Will look into the Q&A option.

This last Polish [I assume] spambot, opelrodker, was nothing if not prolific, so it's clear that the time has come to harden the registration process.
All the world's a stage.
User avatar
Typhoon
 
Posts: 14964
Joined: Mon Dec 12, 2011 6:42 pm

Re: Spambots

Postby Zack Morris » Tue Jan 17, 2012 11:45 pm

Indeed. It will only get worse from here. It starts as a trickle but becomes a torrent. You can expect at least 5 a day within the next week or so.
User avatar
Zack Morris
 
Posts: 2600
Joined: Mon Dec 26, 2011 8:52 am
Location: Bayside High School

Re: Spambots

Postby Typhoon » Wed Jan 18, 2012 4:53 am

The phpBB registration captcha has now been upgraded to the Google reCAPTCHA.

Let's see if this helps.
All the world's a stage.
User avatar
Typhoon
 
Posts: 14964
Joined: Mon Dec 12, 2011 6:42 pm

Re: Spambots

Postby Typhoon » Wed Jan 18, 2012 5:40 am

Zack Morris wrote:Indeed. It will only get worse from here. It starts as a trickle but becomes a torrent. You can expect at least 5 a day within the next week or so.


Fortunately the admin board has the capability to delete a registered spambot and all it's posts at once.
All the world's a stage.
User avatar
Typhoon
 
Posts: 14964
Joined: Mon Dec 12, 2011 6:42 pm

Re: Spambots

Postby Parodite » Wed Jan 18, 2012 8:33 pm

Is it an option to register people personally?

Maybe assign a special "registration moderator" who does/allows for the final registration after somebody applied for registration with indeed a personal question and answer as Zack suggests, plus a short personal motivation textfield, plus the usual graphics letters to be typed in.

Point is to put a human being somewhere in the process.
Outside, away from the noise, grows a flower.
User avatar
Parodite
 
Posts: 4220
Joined: Sun Jan 01, 2012 9:43 pm

Re: Spambots

Postby Typhoon » Wed Jan 18, 2012 8:37 pm

Parodite wrote:Is it an option to register people personally?

Maybe assign a special "registration moderator" who does/allows for the final registration after somebody applied for registration with indeed a personal question and answer as Zack suggests, plus a short personal motivation textfield, plus the usual graphics letters to be typed in.

Point is to put a human being somewhere in the process.


Both Zack and your suggestions are good, but I would first like to see how well the Google reCAPTCHA performs in blocking spambots.

It's a bit early to be optimistic, but so far the recent increase in spambot registration has been stopped.

Now all we need is for some real humans to register :wink:
All the world's a stage.
User avatar
Typhoon
 
Posts: 14964
Joined: Mon Dec 12, 2011 6:42 pm

Re: Spambots

Postby Parodite » Wed Jan 18, 2012 11:10 pm

Typhoon wrote:Now all we need is for some real humans to register :wink:


It's a matter of time something named Turing will register, wanting to find out if we are true bots or merely human. :P

Image
Outside, away from the noise, grows a flower.
User avatar
Parodite
 
Posts: 4220
Joined: Sun Jan 01, 2012 9:43 pm

Re: Spambots

Postby Typhoon » Sat Jan 28, 2012 9:54 am

It has now been over one week since the Google reCAPTCHA for registration has been installed.

During this time no new spambots have registered.
All the world's a stage.
User avatar
Typhoon
 
Posts: 14964
Joined: Mon Dec 12, 2011 6:42 pm

Re: Spambots

Postby Parodite » Sat Jan 28, 2012 10:50 am

Typhoon wrote:It has now been over one week since the Google reCAPTCHA for registration has been installed.

During this time no new spambots have registered.


Wow. C'est bien.
Outside, away from the noise, grows a flower.
User avatar
Parodite
 
Posts: 4220
Joined: Sun Jan 01, 2012 9:43 pm

Re: Spambots

Postby Hoosiernorm » Sun Apr 29, 2012 11:11 am

Been busy doing stuff
Hoosiernorm
 
Posts: 2272
Joined: Fri Dec 16, 2011 7:59 pm

Re: Spambots

Postby YMix » Sun Apr 29, 2012 12:38 pm

The topic was deleted and the spambot was banned.
“There are a lot of killers. We’ve got a lot of killers. What, do you think our country’s so innocent? Take a look at what we’ve done, too.” - Donald J. Trump, President of the USA
User avatar
YMix
 
Posts: 4346
Joined: Mon Dec 12, 2011 4:53 am
Location: Department of Congruity - Report any outliers here

Re: Spambots

Postby Hoosiernorm » Mon Apr 30, 2012 7:04 am

YMix wrote:The topic was deleted and the spambot was banned.


A look behind the scenes at how the Freepers handle these things
Been busy doing stuff
Hoosiernorm
 
Posts: 2272
Joined: Fri Dec 16, 2011 7:59 pm

Spam Alert Congratulations

Postby monster_gardener » Tue May 29, 2012 3:26 am

Thank you Very Much for the maintenance of the Forum

Spam Alert

viewtopic.php?f=3&t=787

Current events at top of forum.

WOW!

Congrats.......... You got it already!
For the love of G_d, consider you & I may be mistaken.
Orion Must Rise: Killer Space Rocks Coming Our way
The Best Laid Plans of Men, Monkeys & Pigs Oft Go Awry
Woe to those who long for the Day of the Lord, for It is Darkness, Not Light
User avatar
monster_gardener
 
Posts: 5334
Joined: Fri Dec 23, 2011 12:36 am
Location: Trolla. Land of upside down trees and tomatos........

Re: Spambots

Postby monster_gardener » Wed Jul 11, 2012 11:41 am

Thank You Very Much for maintaining the forum.

Spambot sighting..........

viewtopic.php?f=3&t=428#p23886
For the love of G_d, consider you & I may be mistaken.
Orion Must Rise: Killer Space Rocks Coming Our way
The Best Laid Plans of Men, Monkeys & Pigs Oft Go Awry
Woe to those who long for the Day of the Lord, for It is Darkness, Not Light
User avatar
monster_gardener
 
Posts: 5334
Joined: Fri Dec 23, 2011 12:36 am
Location: Trolla. Land of upside down trees and tomatos........

Re: Spambots

Postby YMix » Wed Jul 11, 2012 12:38 pm

Deleted & Banned. Thanks for being vigilant, citizen! :)
“There are a lot of killers. We’ve got a lot of killers. What, do you think our country’s so innocent? Take a look at what we’ve done, too.” - Donald J. Trump, President of the USA
User avatar
YMix
 
Posts: 4346
Joined: Mon Dec 12, 2011 4:53 am
Location: Department of Congruity - Report any outliers here

Spambot sighting

Postby monster_gardener » Fri Jul 20, 2012 1:14 pm

Thank you Very Much for maintaining the Forum

Another Spambot alert.......... weird one........ ;)

viewtopic.php?f=3&t=987
For the love of G_d, consider you & I may be mistaken.
Orion Must Rise: Killer Space Rocks Coming Our way
The Best Laid Plans of Men, Monkeys & Pigs Oft Go Awry
Woe to those who long for the Day of the Lord, for It is Darkness, Not Light
User avatar
monster_gardener
 
Posts: 5334
Joined: Fri Dec 23, 2011 12:36 am
Location: Trolla. Land of upside down trees and tomatos........

Re: Spambots

Postby YMix » Fri Jul 20, 2012 2:04 pm

Deleted & Banned. We're getting upper class spambots.
“There are a lot of killers. We’ve got a lot of killers. What, do you think our country’s so innocent? Take a look at what we’ve done, too.” - Donald J. Trump, President of the USA
User avatar
YMix
 
Posts: 4346
Joined: Mon Dec 12, 2011 4:53 am
Location: Department of Congruity - Report any outliers here

Re: Spambots

Postby AzariLoveIran » Fri Jul 20, 2012 5:44 pm

.

Colonel and YMix, thanks for maintaining the forum .. Merci


.
AzariLoveIran
 

TurnitinBot... for high quality forums vs. Plagiarism

Postby monster_gardener » Sat Jul 21, 2012 1:03 pm

Thank You For Maintaining the Board, Admins.

Found a bot that I had not seen before reading in Current Events.

TurnitinBot

Looked it up...........

http://www.webmasterworld.com/forum11/2899.htm

Apparently the level of the discussion here may be of such high quality that students plagiarize it ;) 8-)


TurnitinBot/2.0 [turnitin.com...]
is thisbotis harmfull ... is this bot can help me any way... or it is useless... please help me out


kevinpate

[print msg]


msg:404508 3:25 pm on Jul 18, 2005 (gmt 0)

The bot exists to gather information for their service, a service sold to school instructors to aid them in detecting plagiarism by their students.
Clint

[print msg]


msg:404509 5:32 pm on Jul 18, 2005 (gmt 0)

[webmasterworld.com...]

Other info I see on it states that it tries to exploit webserver vulnerabilities. Do a search on it (TurnitinBot).
osujit

[print msg]


msg:404510 5:41 am on Jul 19, 2005 (gmt 0)

Thanks... for the reply ...
SO it is Not really a search engine, but. turnitinbot/1.4. .is an User Agent: TurnitinBot/1.4
[turnitin.com...] IP: 64.140.48.25...
not much use full taking unnecessary bandwidth.
thanks again
-sujit
Dijkgraaf

[print msg]


msg:404511 9:38 pm on Jul 19, 2005 (gmt 0)

Well it might catch students who are trying to pass your work of as their own.
keyplyr

[print msg]


msg:404512 9:48 am on Jul 24, 2005 (gmt 0)

As an educator myself, at first I was theoretically supportive of TurnitinBot until it came by my site. It requested robots.txt and then proceeded to ignore disallowed list.

Upon further investigation at their site, I found cached copies of my heavy content webpages. The very same pages I don't want copied - LOL

Yes, they sell their service, but so far they haven't offered me my cut.

I emailed them demanding they remove my property from their DB but never received a reply. I now ban them by UA.
Clint

[print msg]


msg:404513 12:11 pm on Jul 24, 2005 (gmt 0)

Are all of you showing the bot's IP is 64.140.48.25? I want to go ahead and block it now.
GaryK

[print msg]


msg:404514 6:52 pm on Jul 24, 2005 (gmt 0)

These are the IP Addresses I have on file for this bot:

64.140.49.66
64.140.49.68
64.140.49.69
204.9.204.203
Clint

[print msg]


msg:404515 9:35 am on Jul 25, 2005 (gmt 0)

Thanks. :)

You don't have 64.140.48.25 listed?
GaryK

[print msg]


msg:404516 3:27 pm on Jul 25, 2005 (gmt 0)

Nope. But that doesn't mean anything really. Perhaps it uses different IP blocks to crawl different geographic regions. My servers are located in Virginia and Texas in the USA.
Global Options:
top home search open messages active posts
For the love of G_d, consider you & I may be mistaken.
Orion Must Rise: Killer Space Rocks Coming Our way
The Best Laid Plans of Men, Monkeys & Pigs Oft Go Awry
Woe to those who long for the Day of the Lord, for It is Darkness, Not Light
User avatar
monster_gardener
 
Posts: 5334
Joined: Fri Dec 23, 2011 12:36 am
Location: Trolla. Land of upside down trees and tomatos........

Re: Spambots

Postby Hoosiernorm » Sat Jul 21, 2012 1:43 pm

https://www.turnitin.com/robot/crawlerinfo.html

That is an interesting little bot
Been busy doing stuff
Hoosiernorm
 
Posts: 2272
Joined: Fri Dec 16, 2011 7:59 pm

Re: Spambots

Postby Typhoon » Mon Aug 20, 2012 7:00 am

Over the last couple of days we've had a increase in spambots getting past the captcha.

All were from Russia and the Ukraine.

Sorry for the inconvenience.

Will look into how we can further make it difficult for spambots to register and spam.
All the world's a stage.
User avatar
Typhoon
 
Posts: 14964
Joined: Mon Dec 12, 2011 6:42 pm

Re: Spambots

Postby Typhoon » Tue Aug 21, 2012 9:20 pm

I've replaced that Google reCAPTCHA visual challenge, which apparently has now been hacked, with a Question and Answer challenge for the registration process
as a test to determine if this will reduce the number of spambots registering.
All the world's a stage.
User avatar
Typhoon
 
Posts: 14964
Joined: Mon Dec 12, 2011 6:42 pm

Re: Spambots

Postby Typhoon » Sun Aug 26, 2012 5:42 pm

Typhoon wrote:I've replaced that Google reCAPTCHA visual challenge, which apparently has now been hacked, with a Question and Answer challenge for the registration process
as a test to determine if this will reduce the number of spambots registering.


So far the new Q & A registration challenge appears to be working.

No spambots have been able to register since it was implemented.
All the world's a stage.
User avatar
Typhoon
 
Posts: 14964
Joined: Mon Dec 12, 2011 6:42 pm

Next

Return to This Forum

Who is online

Users browsing this forum: No registered users and 1 guest