News:

SMF 2.1.4 has been released! Take it for a spin! Read more.

Main Menu

Spambot keeps returning

Started by peter500, November 12, 2017, 04:39:06 AM

Previous topic - Next topic

peter500

I have strange thing. A spambot called JerrodET keeps on spamming.
Well, that is what it is made for, but I had it banned the first time AND I have account admin approval checked.
How is this possible? It comes right in and even with the same name. And he still is on the banned list.

I have no mods installed or other changes since the conversion from VBulltin.

aegersz

There are some good anti-spam mods that i haven't had to use because nobody really bothers my site any more.

have you tried banning it via it's full IP address range ?

sorry if this is of little help but i thought it worth mentioning.

I'm also puzzled as to how they can start posting without admin approval (?)
The configuration of my Linux VPS (SMF 2.0 with 160+ mods & some assorted manual tweaks) can be found here and notes on my mods can be found here (warning: those links will take you to a drug related forum). My (House) music DJ dedication page is here

peter500

Thanks for your reply.

I do not have a anti-smap mod yet since I am still working on it after conversion. I thought I could keep them out with admin approval. And it does work since I see many smappers stuck there.

I run boards for a long time, but never seen this strange thing happen.

Kindred

Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Black Tiger

Quote from: Kindred on November 12, 2017, 09:05:10 AM
What mods are you running?
Ehmz...?
Quote from: peter500I have no mods installed or other changes since the conversion from VBulltin.
Greetings, Black Tiger

Kindred

Lol... whoops...reading on a mobile and missed that.

The only time we have ever seem spambots bypassing the reg process has been because someone installed some sort of registration mod that was badly formed
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Biology Forums

Installing recaptcha by Google should prevent future bots.


Sir Osis of Liver

3/3/2017 – Update #2:

It seems that Google has fully patched this: raising the minimum number of digits from 4-5 to 10-12 and introducing new digit recordings that are harder to speech recognize, as well as background noise. The POC has stopped working as a result. It's been fun while it lasted


Ashes and diamonds, foe and friend,
 we were all equal in the end.

                                     - R. Waters

peter500

Thank you all for thinking with me. I will add captcha, that will probaly do the trick.
Is the number version better than the 'I am not a robot' version?

Kindred

Not actually necesarry.

Have you read the article from the faq on preventing spam?

Good questions are the number one best way to prevent spammers
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Steve

DO NOT pm me for support!

Arantor

Quote from: Sir Osis of Liver on November 12, 2017, 03:21:17 PM
3/3/2017 – Update #2:

It seems that Google has fully patched this: raising the minimum number of digits from 4-5 to 10-12 and introducing new digit recordings that are harder to speech recognize, as well as background noise. The POC has stopped working as a result. It's been fun while it lasted




Just because one guy stopped updating his proof of concept does not mean those who come after him stopped.

It's also still possible to buy 1000 completed CAPTCHAs for $2 USD

Sir Osis of Liver

Point is, all anti-spam measures are constantly under attack, and must be continuosly updated.  Don't think you'll ever find one that can't be beat.
Ashes and diamonds, foe and friend,
 we were all equal in the end.

                                     - R. Waters

Arantor

That was the point being made, yes, that unilateral "do this to fix the problem" advice doesn't work here.

It also doesn't work in China where Google Recaptcha is supposed to be blocked.

Black Tiger

It's like with all kind of encryption and security. They constantly are trying to find something new or something to bypass it.
As a result, the ones who protect themselves are always 1 step behind when something is broken, a flaw is found or a new trick is discovered.

That's why I agree with Kindred on this:
QuoteGood questions are the number one best way to prevent spammers
And best change those regularly to something else. Little work for adequate prevention.
Greetings, Black Tiger

a10

Quote from: Steve on November 12, 2017, 07:04:29 PM
As an example: Re: Spammers and spamming...

Still using that question system, around 15 with 3 active, all bots failing, 100' thousands of registration attempts stopped (ref. server logs) every year. No sign whatsoever of them cracking this. A few "human bots" registering (one or two every couple of months), immediately deleted and no big deal, to stop this final trickling one may implement something like the stopforumspam mod in addition to questions.
2.0.19, php 8.0.23, MariaDB 10.5.15. Mods: Contact Page, Like Posts, Responsive Curve, Search Focus Dropdown, Add Join Date to Post.

Advertisement: