Page 4 of 7

Re: Spam Bots Attacking! Please Help!

Posted: Fri Jan 07, 2011 8:42 pm
by dominoz
Yeah, I've been running that for a while Kevin, since people complained they were struggling to read the confirmation code :)

I'll change it to the GD Image and see how it goes.

Thanks

Re: Spam Bots Attacking! Please Help!

Posted: Fri Jan 07, 2011 8:49 pm
by KevC
The GD one has adjusters for complexity of the image.

Re: Spam Bots Attacking! Please Help!

Posted: Fri Jan 07, 2011 9:00 pm
by dominoz
Ok thanks Kevin :)

Re: Spam Bots Attacking! Please Help!

Posted: Fri Jan 07, 2011 9:32 pm
by Travisher
I found users struggling with the GD images but spammers still getting through.
I completely redid my Q&A questions yesterday which seems to have stopped the spammers.
However it isn't conclusive as I also blocked Russian Federation and China at server level.

Re: Spam Bots Attacking! Please Help!

Posted: Fri Jan 07, 2011 9:40 pm
by lemmingtopias
I have been getting swarms of SpamBots attacking lately too. Using the ReCaptcha and yet they still get through.

Re: Spam Bots Attacking! Please Help!

Posted: Fri Jan 07, 2011 10:45 pm
by callumacrae
lemmingtopias wrote:I have been getting swarms of SpamBots attacking lately too. Using the ReCaptcha and yet they still get through.
reCAPTCHA has been cracked. Use Q&A CAPTCHA with plenty of good, unique questions.

~Callum

Re: Spam Bots Attacking! Please Help!

Posted: Sat Jan 08, 2011 7:54 am
by BioLogIn
Was using reCAPTCHA, attacks started a few days ago. Yesterday switched to GD 3D captcha, that seems to help - not a single spambot for last 24 hours.

Re: Spam Bots Attacking! Please Help!

Posted: Sat Jan 08, 2011 11:42 am
by Saint_hh
Callum95 wrote:reCAPTCHA has been cracked.
Yes, seems so. No spambots with the Q&A captcha since yesterday.

Re: Spam Bots Attacking! Please Help!

Posted: Sat Jan 08, 2011 12:05 pm
by callumacrae
BioLogIn wrote:Was using reCAPTCHA, attacks started a few days ago. Yesterday switched to GD 3D captcha, that seems to help - not a single spambot for last 24 hours.
You would be best off with Q&A CAPTCHA, but if it's keeping the spam at bay I guess it's fine to use the 3D captcha. Make sure it's not keeping your users out though :D

~Callum

Re: Spam Bots Attacking! Please Help!

Posted: Sun Jan 09, 2011 12:43 am
by haggisv
haggisv wrote:Just out of interest, and this is not conclusive proof.... I've just changed all my Q&A questions, and in the last 6 hours, I've not had a single spammer register.

This tends to indicate that they are not bypassing the Q&A, but have simply compiled a set of answers, that will, after enough tries, give the right answer when the right question comes up.

I will continue to monitor this, but it looks like questions will simply need to be changed a lot more often.
I can confirm that after several days, changing the Q&A to a new set of questions has completely stopped this current wave. I guess we're going to have to change the questions more often, or our answers will get added to a list, and things will heat up again.

Re: Spam Bots Attacking! Please Help!

Posted: Sun Jan 09, 2011 4:27 am
by DBM
haggisv wrote:
haggisv wrote:Just out of interest, and this is not conclusive proof.... I've just changed all my Q&A questions, and in the last 6 hours, I've not had a single spammer register.

This tends to indicate that they are not bypassing the Q&A, but have simply compiled a set of answers, that will, after enough tries, give the right answer when the right question comes up.

I will continue to monitor this, but it looks like questions will simply need to be changed a lot more often.
I can confirm that after several days, changing the Q&A to a new set of questions has completely stopped this current wave. I guess we're going to have to change the questions more often, or our answers will get added to a list, and things will heat up again.
Using a completely fresh set of questions has worked here too. :)

I can also confirm that reCaptcha is broken - everyone stick with Q&A and keep updating the questions.

Like someone suggested earlier in the thread, it would help if a future edition of the Q&A captcha included some means of recording which question was answered on successful registration, so we can easily identify which question has been compromised if a bot gets through.

I'm also going to install the Advanced Block MOD and use it with the stopforumspam DNSBL.

Re: Spam Bots Attacking! Please Help!

Posted: Sun Jan 09, 2011 10:23 am
by Saint_hh
DBM wrote:Like someone suggested earlier in the thread, it would help if a future edition of the Q&A captcha included some means of recording which question was answered on successful registration, so we can easily identify which question has been compromised if a bot gets through.
I guess this is a really good idea.
Regarding the Q&A plugin: it seems that I have an advantage in having a pure German board. All bots are going on English and GMT-12 - so I defined only one "question" for English:
Sorry, you seem to be a spambot - if not: choose the other language:
As answer I configured a passphrase which would be good enough for the pentagon. ;)

And it's interesting to watch the phpbb_qa_confirm table. Every insert with "lang_iso" set to "en" is a bot - could be easily seen that the wave is still heavily going on.

Re: Spam Bots Attacking! Please Help!

Posted: Sun Jan 09, 2011 12:22 pm
by callumacrae
I just had a little prune of my users, changed my questions and enabled user activation.

That reduced 139 users to 18, and I haven't had any registrations since! :D

~Callum

Re: Spam Bots Attacking! Please Help!

Posted: Sun Jan 09, 2011 8:55 pm
by Travisher
Since I reset all the questions on Q&A and blocked Russian Federation and China I have had no more spambots getting through. However, checking the logs shows that the onslaught has not diminished much as there appears to be attempts from Israel and a number of what I can only assume are fake DNS since while a reverse lookup produces empire-sys.com using whois gives no such domain. Other IPs appear to be 'unallocated IP space'.
It would appear that we are witnessing the culmination of a concerted effort to break down the protection of bulletin boards etc.. I'm told that some porn sites 'reward' users who add capcha answers to a database. So the logical thing to do is have plenty of questions and keep changing them - hence my idea of putting the answer given in your activation email so you can spot when they have reached the end of their useful life.

Re: Spam Bots Attacking! Please Help!

Posted: Mon Jan 10, 2011 8:13 am
by Speedy62
I have changed the Q&A to entirely new questions everyday since Friday and the onslaught still continues. I am at a loss what to do.