Announcement

Collapse
No announcement yet.

Spam bots defeat Recaptcha.

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Originally posted by thebigman87 View Post
    It's not a path I'd personally go down, I mean China is a very fast developing country and with a Population of 1 Billion its not one to be blocked by outsiders (their Government can do that for them :P).
    Most of these posts have come from an IP of 220.*.*.* with the second, third and fourth octet being unique. I also have members from Australia that have the same beginning 220 octet and if I ban all people with an IP that starts with 220 I will ban the people I want on my forum as well. I agree that this is not a solution.

    The bots/spammers also have joined with an address with a starting octet of 58 or 59. In the end I do not want to have to keep up with a huge list of numbers that I have banned.

    We have just been watching the forum and monitoring who joins and tries to edit their signature. We ban that person within minutes most times and although it is not the best solution, it is working for us.
    Last edited by copiertalk; Fri 30 May '08, 10:49am.
    www.Copiertalk.com - Everything Copier , Printer, Fax

    Comment


    • i have this also

      after upgrade to 3.7.0

      every spammer make only five replies

      it is strange thing

      and i attach the message

      please how to solve that??
      Last edited by baghdad4ever; Sun 12 Oct '08, 6:52am.

      Comment


      • Suggestion: Semi-automatic 'quarantine' that misdirects the spammer or spambot.
        • I am just struggling to get a website and forum running and don't even know what Captcha is yet. (PS--oh yes, I guess Captcha is that image thing? Which I set to very low standards because otherwise I could hardly read it myself heh. Well now I guess there's no need to raise the standard.)
        • So I just came here searching for anti-spam tools because of being hit with annoying 'WOW GOLD' ads from lovebeijgo etc. Latest are loveumaryii and Dreamath.
        • I did not ban KaiyureBoy because there was no advertising. Just repeated messages saying 'I have read your article it was very helpful' and then asking for my MSN. I replied with a warning against repeat messages, and he stopped.
        • KaiyureBoy also did a 'fake signature' including 6 links for amateurish non-porn celebrity URLs. If that's all bot, it's a bit clever.
        • What I am hoping to find is some kind of anti-spam system that:
          1. Detects all 'probable spam' according to keywords which I can tweak.
          2. Display these all on one page. "Select all" and selectively de-select.
          3. In one action a) "Move all" spam messages to a spam archive thread, and b) "Quarantine" the transgressing members.


        By 'quarantine' I mean perhaps a permanent ban. But what might be better than to ban them: a) automatically move all their posts to an invisible subforum. Or b) automatically require that all their messages must be moderated before being posted. Thus, they 'think' they are still active members, and they do not bother to re-join under different names.

        [rant]These people are so clever with their software. And then so stupid to think anybody is going to reply to their WOW GOLD ads. Which doesn't even make any sense, in English at least. Yes and look out world, it's these brain damaged survivors of communism from Russia, China, and eastern Europe who are taking over the global economy. And America's answer so far is to elect and re-elect a born again Christian from Texas who can hardly get through a Sunday school reading. So we might not buy WOW GOLD but we did buy the gulf war II. Holy Toledo. Time to build bunkers.[/rant]

        Thank you everyone who contributed to this thread, especially mikesz, El Burro, CareyCrew, 1996 and renep, who I quote below.
        Originally posted by mikesz View Post
        FYI, I have been tracking this stuff for the last six months and have successfully block 100% of these attacks using a simple filter and IP trap that just does input verification of registration data entry and an IP lookup against a bad guy table that dynamically maintains itself from the badguys it traps.
        Originally posted by El Burro View Post
        I installed ISBot this morning it's already stopped five bots registering in only a few hours!
        http://www.vbulletin.org/forum/showt...ighlight=isbot
        Originally posted by CareyCrew View Post
        Another tool for anyone interested is a huge list of spammers email addresses maintained by my old friend ForumNut at http://forumnutsandbolts.freeforums.org/portal.php mainly phpbb2 stuff there but he keeps up this list which can be used as a blocklist.
        The thread is located here.....
        http://forumnutsandbolts.freeforums....28-08-t34.html
        ( Registration is required) He gets hate mail from the spammers along with expletives and threats but the list keeps growing
        Originally posted by 1996 328ti View Post
        I don't think banning email addresses or entire ip blocks is the answer. I think by far the best mod (and should be included with vB) is Prevent Spam Posts
        http://www.vbulletin.org/forum/showthread.php?t=131568 I've added additional keywords to prevent our latest fiends from posting.
        I don't care that I need to delete and ban a few people each week.
        I'm just glad their posts are not visible. And I don't believe askimet is of any use. Look how much spam gets posted to vb.com.
        Originally posted by renep View Post
        I've used that trick in some hand-coded form handlers (outside of vB). It worked fine for a while, but a couple of months ago new spam started to pass this test ... I don't see how you could get false positives though.
        (False positives for 'hidden form' traps might come from blind people using aural readers...?)
        Last edited by Christophe_O; Sat 31 May '08, 11:09am. Reason: about captcha-fake signature
        sigpic Krystof
        Starnectar Free Forums

        Comment



        • I'm going to add my 2 cents to this thread as well. I bought 3.6.8 back last Dec. I've got a small, niche type forum so I don't get a lot of users or search bot traffic. In the last 6 months I've not had one spam attempt nor had I seen any guests that their IP addresses were from outside the US. And I keep a pretty close eye on my forum. I managed a much bigger vBulletin site for years that was constantly getting hit by spam bots and other unwanted attention, so I pretty much know what to look for and know just how bad it is out there.

          Come the end of May and I upgrade to 3.7.0. It hadn't even been up 12 hours and I get a Vietnamese and Chinese IP address. Next day it's Russian. A couple more Chinese and some small country that use to be part of the Soviet Block. Some of them just mill around like bots do and a few try to register, but so far none have been able to. So that at least is good.

          Sure, it could be a coincidence and I might had seen these had I stayed on 3.6.8. And that is what I would have thought had I not seen all the other threads on here about increased activity right after people upgraded. I read the comments that these people are targeting vBulletin 3.7. Maybe it's because it's brand new and since so many people are upgrading to it they want to see just how good it is...

          or maybe it's because they know that when people go to a new version they make mistakes and leave holes in their security. So the best time to try and take advantage is when people are installing new software.
          I was curious as to how easy it was to find out who was running vBulletin 3.7 so I did a Google search with the words "Powered by vBulletin® Version 3.7"... Yep, page after page after page of forums, including mine, came up. So for those wondering how they are finding out, it's not hard for them to find out who is on 3.7 at all. So vBulletin gets a lot of advertisement for free (that's just business of course) but there is a lighted path right back to all of us.

          I do wish that the US government would address the issue (or at least put more bite into what they are doing) of countries that allow (and in some cases are actively supporting) this type of activity. It's not just about spam anymore... most of it is targeted at identity theft and other criminal activities like that.

          I don't think the group at Jelsoft (or any other forum software) will ever be able to create the perfect forum software. It's always been known that anything one person can create, another person can find a way around. It's the nature of the beast and one of the costs of us wanting to run forums. I think Jelsoft does a pretty good job and I hope they continue to stay close, even if they can't get ahead of the people that are out to take advantage of us.

          Mike

          Comment


          • Sadly the vbulletin staff don't seem to be very interested, see:
            http://www.vbulletin.com/forum/showthread.php?p=1573643

            Comment


            • Originally posted by chrisrixon View Post
              Sadly the vbulletin staff don't seem to be very interested, see:
              http://www.vbulletin.com/forum/showthread.php?p=1573643
              I told you to submit a bug report since you are certain this is a vB issue. Please do so.
              Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
              Change CKEditor Colors to Match Style (for 4.1.4 and above)

              Steve Machol Photography


              Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


              Comment


              • Ok done.

                Comment


                • Originally posted by Mike Jordan View Post


                  Mike
                  Well written.
                  www.Copiertalk.com - Everything Copier , Printer, Fax

                  Comment


                  • removed post
                    Last edited by EcoForumZ; Mon 2 Jun '08, 7:57pm.
                    EbikeForum - Electric Bicycle Forum

                    Comment


                    • I'm afraid the answer was:

                      "There are as yet no confirmed and verifiable reports of this happening."

                      Comment


                      • Originally posted by chrisrixon View Post
                        I'm afraid the answer was:

                        "There are as yet no confirmed and verifiable reports of this happening."
                        To clarify I am talking about Bots bypassing the registration and verification process. As long as you allow registration there is nothing to stop humans from registering and then turning over the account to a Bot.
                        Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
                        Change CKEditor Colors to Match Style (for 4.1.4 and above)

                        Steve Machol Photography


                        Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


                        Comment


                        • removed post
                          Last edited by EcoForumZ; Mon 2 Jun '08, 7:57pm.
                          EbikeForum - Electric Bicycle Forum

                          Comment


                          • removed post
                            Last edited by EcoForumZ; Mon 2 Jun '08, 7:58pm.
                            EbikeForum - Electric Bicycle Forum

                            Comment


                            • Originally posted by EcoForumZ View Post
                              They are spamming 3.6x as well.
                              They're spaming pretty much all forums, non-vB and vB. I'm on a few that have been hit by these guys.
                              So Cal Sportbike forum - So Cal Moto - Kawasaki Ninja 250R Forum - Custom vinyl decals - Southern California camping forum

                              Comment


                              • We have been soft deleting the posts and banning the usernames.

                                We run a small community and have cought most of them prior to any spam.
                                www.Copiertalk.com - Everything Copier , Printer, Fax

                                Comment

                                widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                                Working...
                                X