hammered by newly registered members

Get help with installation and running phpBB 3.0.x here. Please do not post bug reports, feature requests, or MOD-related questions here.
Anti-Spam Guide
Forum rules
END OF SUPPORT: 1 January 2017 (announcement)
Locked
User avatar
stevemaury
Support Team Member
Support Team Member
Posts: 52768
Joined: Thu Nov 02, 2006 12:21 am
Location: The U.P.
Name: Steve
Contact:

Re: hammered by newly registered members

Post by stevemaury »

Angoid wrote:Can't such questions simply be added to the Xrumer database?
Yes, of course, assuming the bots could figure out the answer, because you cannot search them. Does no good to just know the question. They should be changed often, but there are an infinite number of them.

If you want an international user group, use ones like:

Moon is to night as sun is to _______?

A: day

Fish is to swim as bird is to ________?

A: fly
I can stop all your spam. I can upgrade or update your Board. PM or email me. (Paid support)
J_M
Registered User
Posts: 283
Joined: Wed Jul 20, 2005 12:26 pm

Re: hammered by newly registered members

Post by J_M »

Yes, of course, assuming the bots could figure out the answer
but that would only defeat the bots not the humans.

It seems that Xrumer has a feeder database from all of the users and possibly a slew of humans that are answering the Q&A for a fee. That's why I don't know if it a complicated question is any better than just a different question that doesn't exist in the database.

I changed mine to a simple but different question and so far it has the same success rate as those that used a more complicated question.
User avatar
Mick
Support Team Member
Support Team Member
Posts: 26505
Joined: Fri Aug 29, 2008 9:49 am

Re: hammered by newly registered members

Post by Mick »

Defeating humans is difficult as they're what you want but there aren't many humans, nowhere near as many as bots anyway, engaging in such activities.
  • "The more connected we get the more alone we become" - Kyle Broflovski©
  • "The good news is hell is just the product of a morbid human imagination.
    The bad news is, whatever humans can imagine, they can usually create.
    " - Harmony Cobel
Schwpz
Registered User
Posts: 335
Joined: Wed May 07, 2003 1:33 pm
Location: Planet Zot
Contact:

Re: hammered by newly registered members

Post by Schwpz »

Lumpy Burgertushie wrote:I really don't believe that anybody is making any real money from spamming like this.

how many people would actually click on a link in a board to buy viagra or whatever?

I wager that not many would. It seems like a lot of effort for not much return.
Their aim is not as much clicks as search engine boosts.
Even if nobody clicks on the spammy Viagra link illegally made on your board, you would per definition be sporting such a link with the same value as other links you have placed yourself on your forum, hence giving the spammer a +1 search engine boost.


Someone in this thread found Playthrough to be a life safer:
http://areyouahuman.com/home-c2/?utm_ex ... enefits%2F

I must admit I'm curious to try it myself, at least the free version.
That should at least not be by-passed by any bots within the near future.
..:: PlanetZot.com - Your ultimate source for animation! ^^
Tal125
Registered User
Posts: 2
Joined: Tue Nov 20, 2012 8:17 pm

Re: hammered by newly registered members

Post by Tal125 »

Hi - I'm one of the Administrators at AvariceAlliance.net - and we're experiencing a huge increase in spam users.

I've changed the Q & A question to two questions that is very difficult outside of our little group - and we're still getting registrations. I've had to turn it off in the meantime because it's becoming such a mess trying to keep up with the spam.

The problem we're having is - I've set the public forums to Read Only for Newly Registered Users but they can still post in the forums. Is there something I'm missing in order to restrict access to these forums? I successfully shunted the newly registered posts into a moderation queue, but can't stop them from posting. What are we doing wrong?
User avatar
Brf
Support Team Member
Support Team Member
Posts: 53400
Joined: Tue May 10, 2005 7:47 pm
Location: {postrow.POSTER_FROM}
Contact:

Re: hammered by newly registered members

Post by Brf »

The "Read Only" role only sets the posting permissions to "No". Since your NRUs are also members of the Registered Users, they pick up a "Yes" permissions from there.

To block the NRUs from posting, you would need to go into Advanced Permissions and set their posting permissions to Never.
User avatar
stevemaury
Support Team Member
Support Team Member
Posts: 52768
Joined: Thu Nov 02, 2006 12:21 am
Location: The U.P.
Name: Steve
Contact:

Re: hammered by newly registered members

Post by stevemaury »

If you successfully have them on moderation queue, how can they post without approval?

And if they can't post at all, how do they get out of the NRU? I think we need some more detail.
I can stop all your spam. I can upgrade or update your Board. PM or email me. (Paid support)
Tal125
Registered User
Posts: 2
Joined: Tue Nov 20, 2012 8:17 pm

Re: hammered by newly registered members

Post by Tal125 »

Brf wrote:The "Read Only" role only sets the posting permissions to "No". Since your NRUs are also members of the Registered Users, they pick up a "Yes" permissions from there.

To block the NRUs from posting, you would need to go into Advanced Permissions and set their posting permissions to Never.
That....is counter intuitive. But it worked. Thanks!
User avatar
stevemaury
Support Team Member
Support Team Member
Posts: 52768
Joined: Thu Nov 02, 2006 12:21 am
Location: The U.P.
Name: Steve
Contact:

Re: hammered by newly registered members

Post by stevemaury »

In which case they will remain in the NRU forever. You have to let them post in some forum (with approval, if desired) or they will never get a post count to get out of NRU.
I can stop all your spam. I can upgrade or update your Board. PM or email me. (Paid support)
Dnyt
Registered User
Posts: 7
Joined: Mon Jun 30, 2003 7:36 pm

Re: hammered by newly registered members

Post by Dnyt »

So reCAPTCHA is still not good to prevent spam?
User avatar
stevemaury
Support Team Member
Support Team Member
Posts: 52768
Joined: Thu Nov 02, 2006 12:21 am
Location: The U.P.
Name: Steve
Contact:

Re: hammered by newly registered members

Post by stevemaury »

Still not good. And won't be.
I can stop all your spam. I can upgrade or update your Board. PM or email me. (Paid support)
surfsup
Registered User
Posts: 18
Joined: Thu Aug 21, 2008 6:15 pm

Re: hammered by newly registered members

Post by surfsup »

Oyabun1 wrote:
surfsup wrote:well, since my last post i have had a spammer register.
....

No registrations all day.
Has a spammer registered or not?
I'm still 100% spam free. This is working well.

My solution is simple yet complex or impossible for a bot to solve:

1) image with no text reference to the answer in the Q&A question itself (the subject of the question and answer are totally random) - example, "what is the most famous brand of guitar amp built by Mr. Leo ------". This question can be narrowed down by a bot to the eventual answer "fender". A bot sees "brand' "amp" "guitar" and starts populating: marshall, fender, etc until it hits.
2) the image is difficult to read, multiple colors and texts embedded and skewed in Photoshop help - the answer is only a portion unlike captcha which is only displaying the actual text to enter and can be broken.
3) the question in the Q&A is the first half of the clue, directing user to another page on the site
4) the other page finishes the question, referencing the answer loosely
5) answer is not a "real" word like "lake" or "fender" or "guitar" or "surfing", it is a jumbled code
6) this process is impossible for a bot to answer
7) a human has to spend extra time to do it, not too much but enough to make a spammer work for it
8) two tries allowed in the ACP - that's it...

In thinking about this, I believe this is impossible to crack (for a bot) unless someone spent the time to do it.
User avatar
durangod
Registered User
Posts: 789
Joined: Tue Nov 03, 2009 1:26 pm
Location: USA East Texas
Name: Dave

Re: hammered by newly registered members

Post by durangod »

Sounds great surf, nice job. I am fearfull of making it too difficult a process for the "real" user. We all know how fickle members can me and it concerns me that making them use their brain and hunt down clues to a riddle too much will just cause them to say this is BS and move on.

We all need fresh blood in our forums, new members to get involved and keep ideas fresh and momentum moving. I think the trick is to find that fine line to be secure but not make them work too hard for it. IMO the first thought they have that this is BS is usually the time they bail.

I know that some are against the IP htaccess banning but for me it works, or seems to. They obviously seem to be trying to use the same ip or at least the first sequence of the ip xxx. with different variations to try to get in but cant. So its not fullproof but for me (along with the other tactics) it does seem to work.

Also it seems that google itself is at the heart of all of this, their rankings, their process. The reason such programs like xRumer even exist is because of rankings. My point is maybe google itself can somehow lend a hand or atleast offer some feedback.

It is however in their best interest to do so, the more junk that gets high ranking the worse their customers will rely on them for good results and google search customers will go elsewhere. Especially with the current ongoing battle for search sepremacy now days it might be worth knocking on googles door for some help.

Maybe someone here has a friendly ear at google that will listen.
Username is short for durango d (durangodave)
Pony99CA
Registered User
Posts: 4783
Joined: Thu Sep 30, 2004 3:13 pm
Location: Hollister, CA
Name: Steve
Contact:

Re: hammered by newly registered members

Post by Pony99CA »

RMcGirr83 wrote:So I decided to contact this botmaster nub group and here ya go.

My message to them
Your "bot" is nothing more than a piece of software to allow users to be able to "spam" their sites. You should be ashamed of yourself. You are costing the internet lost productivity and if it was up to me I would have it legally impermissible to have your type of software to even be available and would hold you personally responsible for the cost of lost productivity. Find something else to do with your time instead of annoying forum owners with your POS software.
and the response
Re: Отправлено новое сообщение от Rich McGirr с BotmasterLabs.Net
Buy ur tool and u'll see that it's really useful (not for spam) but if 5-10% of our clients are using it for spamming, it's not our fault, same as it's not Zepter's fault if 5-10% of peoples are using their Knifes to kill somebody...
That's actually a reasonable analogy (gun manufacturers use the same logic, too) -- although I suspect their 5-10% is laughably low. Just like mass E-mailing tools can have a legitimate use, so can tools like this. However....
RMcGirr83 wrote:Here is what their bot actually does, quoted from their website
Below are listed main specification and features of XRumer
  • Multithreaded submitting: over 50 simultaneously running threads possible!
  • Software can perform registration at forums (if necessary for posting messages) and automatically fill in the required fields. Upon successful registration XRumer posts the user-specified message and/or links.
  • The powerful built-in proxy-server checking script locates available proxy-servers worldwide, choosing anonymous addresses among them.
  • Software is able to work with lots of different types of forums and guestbooks: phpBB and PHP-Nuke with any modifications, yaBB, VBulletin, Invision Power Board, IconBoard, UltimateBB, exBB, phorum.org, wiki, different types of bulletin boards and even custom-written code.
  • Attention: unique feature – software works around EVERY possible type of protection from automatic registration, including:
    - Pictocode protection (tickets, captcha), which look something like: "Enter the number you see in the box". Details...
    - E-mail activation protection. Details...
    - Java-script protection. Details...
  • During the process of posting a detailed log is created with precise path-links to posted messages so that you can check every link and every posted message afterwards.
  • A built-in proprietary "Question-answer" system.
  • A variations system, using which you can post up to 10000 messages all looking different but with similar contextual meaning and the user-defined hyperlinks in them. It helps to broaden the key queries (for Search Engine optimization) and protect your posts from being filtered out by Search Engines (that is, your posts will be included in SERPs).
  • If the forum has more than one category, the software chooses the one most suitable for the message, otherwise it sends the message to off-top, flame sections or the like, and in case those do not exist - to the most visited category on the forum.
  • BB-code can be used.
  • The following forum base processing tools are included: repeated links deletion, hit descending sort, service denial according to customizable black list, and various filters. The program informs the users about availability of new versions and possesses many other powerful features.
Yeah, it isn't a spamming tool at all...it's a "link generator". SMH :roll:
The tell-tale that indicates that they're going after spammers is the part saying that the "software works around EVERY possible type of protection from automatic registration". Somebody using such a tool responsibly would have people register manually, then use the tool to automatically post announcements. Somebody registering manually could read the Terms of Service; bots obviously can't (until they're truly intelligent :)).

Also, if their tool doesn't provide any site categorization/targeting tools, but just blasts every possible blog and forum, they clearly aren't interested in responsible use.

Steve
Silicon Valley Pocket PC (http://www.svpocketpc.com)
Creator of manage_bots and spoof_user (ask me)
Need hosting for a small forum with full cPanel & MySQL access? Contact me or PM me.
Pony99CA
Registered User
Posts: 4783
Joined: Thu Sep 30, 2004 3:13 pm
Location: Hollister, CA
Name: Steve
Contact:

Re: hammered by newly registered members

Post by Pony99CA »

surfsup wrote:My solution is simple yet complex or impossible for a bot to solve:

1) image with no text reference to the answer in the Q&A question itself (the subject of the question and answer are totally random) - example, "what is the most famous brand of guitar amp built by Mr. Leo ------". This question can be narrowed down by a bot to the eventual answer "fender". A bot sees "brand' "amp" "guitar" and starts populating: marshall, fender, etc until it hits.
2) the image is difficult to read, multiple colors and texts embedded and skewed in Photoshop help - the answer is only a portion unlike captcha which is only displaying the actual text to enter and can be broken.
3) the question in the Q&A is the first half of the clue, directing user to another page on the site
4) the other page finishes the question, referencing the answer loosely
5) answer is not a "real" word like "lake" or "fender" or "guitar" or "surfing", it is a jumbled code
6) this process is impossible for a bot to answer
7) a human has to spend extra time to do it, not too much but enough to make a spammer work for it
8) two tries allowed in the ACP - that's it...
So you have an image that it difficult to read (one of the WORST things about those "type the letters" image CAPTCHAs and not very accessible to sight-impaired people) AND you make them jump to another page? Say goodbye to a lot of potential community members. (My random question generator wouldn't make people -- except spam software makers -- jump through hoops.)

However, based on that description, I'm not really clear on exactly what you're proposing. Have you actually implemented that on your board?

Steve
Silicon Valley Pocket PC (http://www.svpocketpc.com)
Creator of manage_bots and spoof_user (ask me)
Need hosting for a small forum with full cPanel & MySQL access? Contact me or PM me.
Locked

Return to “[3.0.x] Support Forum”