Home | Networks | Community | Need Help? 

 
 Quick search

 
 
 RegisterRegister   Log inLog in 

Thank the spammers
Goto page Previous  1, 2
 
Post new topic   Reply to topic    SearchIRC Forum Index -> Latest Updates
Author Message
Jason
SearchIRC Developer
SearchIRC Developer


Joined: 03 May 2003
Posts: 1135
Location: Tampa, FL
PostPosted: Apr 21, 2008 6:48pm    Post subject: Reply with quote
The new changes seem to be working well. Only 4 new users signed up since it went in, and none are robots. I changed some of the links (from mode=register to mode=Pregister), but the spambots didn't even flinch. They follow all the hyperlinks on the register page, and fill out the form when they see it. So by changing the hyperlinks into a form, they are now lost :)
Back to top
greg27
Lurker
Lurker


Joined: 07 Oct 2006
Posts: 125
Location: Australia
PostPosted: Apr 21, 2008 7:39pm    Post subject: Reply with quote
silly spambots Smile
Back to top
PingBad
Guru
Guru


Joined: 05 Feb 2005
Posts: 1976
Location: New Zealand
PostPosted: Apr 21, 2008 11:53pm    Post subject: Reply with quote
greg27 wrote:
you could give the honeypot form field a try - if the bots weren't coded specifically for sirc it should help.

create a new textbox on the register page and name it something like 'url'. use css to hide it from people (display:none). before creating an account for a new user, check to see if this textbox is empty - if it isn't, it is likely a bot.
I heavily doubt this would work. I have coded automated form submission bots previously (to automate tasks in a few web projects of mine) - and a common trick is to just send a GET request with the form data already filled in (ie: don't even request the signup page, just make it act like you did). Okay, a few rough-and-ready spambots might request the registration form, grep/wildcard-match the input fields and attempt to fill them in based on their name= value - but some more advanced ones already know what to put in for each name= (doesn't take a genius to spot that a <input type="text" name="user" /> tag is a spot for a requested username Wink)
Back to top
Snerf
Newbie
Newbie


Joined: 15 Sep 2004
Posts: 62
Location: IRC
PostPosted: Apr 23, 2008 12:30am    Post subject: Reply with quote
You would really think that the image verification would stop a lot of it?
Unless that was recently added.
Back to top
Jobe
Idler
Idler


Joined: 30 Jul 2006
Posts: 336
Location: Lurking in the shadows of some random channel!
PostPosted: Apr 23, 2008 6:27am    Post subject: Reply with quote
Snerf wrote:
You would really think that the image verification would stop a lot of it?
Unless that was recently added.


Sadly phpBB2's image verification is known for being incredibly easy for spam bots to bypass. And from looking at the current CAPTCHA image, the current implementation is one of the easiest for bots Sad
Back to top
Jason
SearchIRC Developer
SearchIRC Developer


Joined: 03 May 2003
Posts: 1135
Location: Tampa, FL
PostPosted: Apr 23, 2008 7:01am    Post subject: Reply with quote
Even google and hotmail's capatcha are currently being defeated. And google's skewed letters are sometimes difficult to make out for a human...
Back to top
Jobe
Idler
Idler


Joined: 30 Jul 2006
Posts: 336
Location: Lurking in the shadows of some random channel!
PostPosted: Apr 23, 2008 9:04am    Post subject: Reply with quote
About the only CAPTCHA I've seen that spam bots have incredible difficulty with is vBulletin's with most of the complexity options on (still readable by users too)
Back to top
Snerf
Newbie
Newbie


Joined: 15 Sep 2004
Posts: 62
Location: IRC
PostPosted: Apr 30, 2008 12:04am    Post subject: Reply with quote
Wow, crazy what kind of time people spend writing these bots just to defeat these things. Makes you wonder if just writing your own type of image verification would make it better, since its not 'common code' then.
Back to top
Jobe
Idler
Idler


Joined: 30 Jul 2006
Posts: 336
Location: Lurking in the shadows of some random channel!
PostPosted: Apr 30, 2008 7:48am    Post subject: Reply with quote
More often then not, something really custom, and not plain, is enough, because anything that isn't standard usually means the bot runners need to right custom code of their own just for your forum. Which is a lot of work just to post 1 or 2 posts from their bot.
Back to top
Mary
SearchIRC Admin
SearchIRC Admin


Joined: 03 May 2003
Posts: 689
PostPosted: Apr 30, 2008 7:15pm    Post subject: Reply with quote
The ironic thing is, most spam posts we delete are long lists of links that no one in their right mind would read. I think they are looking for linkbacks in order to raise their google ranking, rather than actually enticing anyone here to go look at their sites.
Back to top
PingBad
Guru
Guru


Joined: 05 Feb 2005
Posts: 1976
Location: New Zealand
PostPosted: Apr 30, 2008 9:24pm    Post subject: Reply with quote
should do them a favor and beat them to the punch on the first page Razz
Back to top
Jason
SearchIRC Developer
SearchIRC Developer


Joined: 03 May 2003
Posts: 1135
Location: Tampa, FL
PostPosted: May 01, 2008 5:28pm    Post subject: Reply with quote
Back to top
PingBad
Guru
Guru


Joined: 05 Feb 2005
Posts: 1976
Location: New Zealand
PostPosted: May 02, 2008 5:52am    Post subject: Reply with quote
Sometimes, jason, I wonder what makes you tick... this is one of those times, and - frankly - I'm not sure I want to know Razz
Back to top
Xaphan
Newbie
Newbie


Joined: 12 Feb 2007
Posts: 59
PostPosted: May 02, 2008 11:51am    Post subject: Reply with quote
Back to top
Jobe
Idler
Idler


Joined: 30 Jul 2006
Posts: 336
Location: Lurking in the shadows of some random channel!
PostPosted: May 02, 2008 12:08pm    Post subject: Reply with quote
I only have one thing to say at those cartoons:

LAWL
Back to top
Display posts from previous:   
Post new topic   Reply to topic    SearchIRC Forum Index -> Latest Updates All times are GMT - 6 Hours
Goto page Previous  1, 2
Page 2 of 2

 
 
Forum powered by phpBB
 
 © 2000 - 2008 EverythingIRC, Inc. All rights reserved. Please read our disclaimer