Topic: Spam - Spammer related issues

IP Information for 88.119.xxx.xx
IP Location:     Lithuania Lithuania Vilnius Uab Transteleservis


What vulnerability in pun standard installation are spammers taking advantage of?
Got a registration from the above - not a post, but entered the list of users.... with viagra something in email....

Thx.

Re: Spam - Spammer related issues

Need more clarity:
- you have a vanilla standard PunBB 1.3x install;
- you got a successful registration from a user with the above IP address
- email address of registrant had *viagra in it?

Huh?

Not sure what you are trying to say.

Re: Spam - Spammer related issues

it's spambots for sure... had it on other forums aswell. they register but can't post. but they're inflating numbers of users.

i want to know what they are exploiting - there must be a deficiency somewhere

i installed anti-spam now - see if that stops it

vanilla yes. (before that user registered when i decided to change)

4

Re: Spam - Spammer related issues

They aren't exploiting anything. They are merely submitting a registration.

Re: Spam - Spammer related issues

once again v. helpful. roll

Re: Spam - Spammer related issues

KeyDog wrote:

once again v. helpful. roll

The initial question is itself thin on details. It reads to me as

"Someone registered on my forum, they can't post but they can register, they have the words viagra in their registration details, how could they register"

It would help if you explained how your board is setup. The plain vanilla install doesn't help either. To register on your site do they have to go through a captcha of some sort, do they have to be admion approved.................:rolleyes:

Re: Spam - Spammer related issues

http://mypunbb.com/viewtopic.php?id=1&p=454

how is that possible
general question....

spambots love vanilla pun & flux - why

Re: Spam - Spammer related issues

KeyDog wrote:

http://mypunbb.com/viewtopic.php?id=1&p=454

how is that possible
general question....

spambots love vanilla pun & flux - why

Well if you go and sign up to the link you provided like I did, you will see that it doesn't need email verification nor does it require admin approval or uses a captcha deterant. If that website is what a vanilla install is and is how your running your forum it's no wonder your getting spam registrations.

9 (edited by The_Fiddler 2009-01-15 09:08)

Re: Spam - Spammer related issues

I just signed up to one of your blue white test forums you put in show off. If this isn't the forum your talking about it, then provide a link. I was able to though, sign up and post test as a reply to one of your threads. It was all done without needing admin approval, email verification and no captcha deterant.

If this is how all your forums are set up its like having the keys in your car, motor running and door left wide open while parked in a crime hotspot all the while hoping the car doesn't get stolen while your away.

10 (edited by The_Fiddler 2009-01-15 09:26)

Re: Spam - Spammer related issues

I just signed up also to your .info one. It also doesn't appear to need admin approval or email verification. It does though use a captcha, which wouldn't be that hard at all to use a character recognition software to find out what the characters are seeing as the numbers I had to enter were all solid on a white background, unlike some captchas you see that are not a solid character on a mixed coloured background.

I would personally use a wing ding font that displayed animals. It would make it harder for a bot to try and work out what an elephant or lion or tiger looked like.

11 (edited by KeyDog 2009-01-15 09:39)

Re: Spam - Spammer related issues

cool feedback - yeah i was just trying to see what happens if one does what your regular new installer does...

you're obviously advanced user smile hehe

thx for helpful inputs...


EDIT: on production sites I'd obviously use email verification and basic captcha or other together....
i've not seen bots being able to post to those forums....

EDIT 2: oh and if you see any other obvious security related issue to anything regarding that site I'm more than happy to hear about it....

12

Re: Spam - Spammer related issues

http://recaptcha.net/plugins/php/

this captcha would be cool think to implement ...

13

Re: Spam - Spammer related issues

KeyDog wrote:

once again v. helpful.

What were you expecting? There is no bot orientated deterrent on a plain install. What do you expect to happen? If you are going to ask stupid questions and post sarcastic responses at the obvious answer, don't ask the stupid question to start with.

14

Re: Spam - Spammer related issues

haha smile nevermind. all's well that ends well.

15

Re: Spam - Spammer related issues

That mypunbb.com forum is FluxBB anyhow - why are you posting here? big_smile

That forum, infested as it is by spam, is quite an impressive demonstration of the bad spambot problem that is out there. 1200 'members' and 11500 replies in one thread alone by spambots, dozens of daily posts - cool sad.

And check out the impact on server resources: 'Generated in 17.349 seconds, 6 queries executed' for just loading the first page of the 'Announcement's thread. Ouch.

A list of the IP's that all those members registered from would be very useful to see, and to send over to http://www.stopforumspam.com.

I think connerhd must be keeping that site up as a honeypot. Otherwise he needs to do some serious housecleaning over there.

16 (edited by KeyDog 2009-01-15 21:39)

Re: Spam - Spammer related issues

I posted it here because it reflects what I saw with one of mine before I locked it smile
I was getting one thread with all such posts aswell. Just in one forum one thread (not threat big_smile). They don't seem to spam all forums across all categories.

I think connerhd must be keeping that site up as a honeypot. Otherwise he needs to do some serious housecleaning over there

that does make sense. honeypot thing.
but don't those spammers just use botnetworks - get you to download software crackz etc on a warez site - then leave a backdoor open when you run it...
then again it does always seem to be from ex-USSR that I get spammed like that.... at one point it was always with .ru email addies. As I was only adressing a local market in a foreign language I knew those were not real interest and just banned all adresses from that topleveldomain big_smile unfair as it is - effective it was.
but who knows - maybe it would help stopforumspam smile