Author Topic: Admin, where are you?!  (Read 2912 times)
GigaHooker
Newbie
« on: January 06, 2011, 04:42:05 pm »

So lot of spam.. WHY?!
Moderator, WTF???
heyrick
Global Moderator
Sr. Member
« Reply #1 on: January 06, 2011, 07:45:51 pm »

My friend reported that the other night his forum was spammed to infinity and back. He has since altered the signup so that he personally checks the details given and verifies the people.

I think somebody somewhere has written a spam tool for the popular forum software. Let's face it, it wouldn't take much to work out how to scrape the Neuros forum and post junk. I could probably throw together a VB program in a couple of hours.

I did suggest, when reporting spam (as I seem to have been doing a LOT recently!) that it might be useful if they enable "captcha"s for posting messages. Well, if SMF is capable of doing that, that is.


Best wishes,

Rick.
ChadV
Administrator
Hero Member
« Reply #2 on: January 07, 2011, 12:04:37 am »

We have a captcha for registering...

I'm trying to keep up with it with deletions and bans, but it is getting a little out of hand.  I'll see about tweaking a few things to try and stem the flow.
greyback
Administrator
Hero Member
« Reply #3 on: January 08, 2011, 09:58:42 am »

Hey,
yes spam is pretty bad at the moment. From looking at the server logs, I think a vulnerability in SMF is allowing bots to bypass the registration process completely. There is an update to SMF that I'll install shortly.

[edit] SMF's website down. Not a good sign! :)

If that doesn't work, I'll beef up the system with more captchas.

Also, there are over 36k members which I suspect as being fake - they have made zero posts, but a large proportion have URLs in their profiles. I think these should be deleted.

Thanks to all who are good enough to report these spam messages! It's hugely appreciated.
-G
« Last Edit: January 08, 2011, 10:27:59 am by greyback »
heyrick
Global Moderator
Sr. Member
« Reply #4 on: January 08, 2011, 06:37:16 pm »

Quote
I think a vulnerability in SMF is allowing bots to bypass the registration process completely.

Ouch!

Still, it could be worse, it could be a full pwnage.

Errr... you have backups, right? There's a lot of info in here that isn't on any web page.


Quote
Also, there are over 36k members which I suspect as being fake - they have made zero posts,

They may have made posts that were deleted. SMF ought to have a flag for "user posted spam".

I think - given that you don't need to register in order to read these boards, that it would be justified to write a sticky topic to say something like:
We are trimming the system and deleting all users over a week old who have not made any posts. If you are a real user and wish for your account to remain active, please pop over to <General Discussion -> Hello World!> and say hello!
Then, in a week or two, do the tidy. It might make things a little bit faster? I guess the hard part will be, does SMF have a way to do something like that, or will it need to be done manually? :o


Best wishes,

Rick.
ChadV
Administrator
Hero Member
« Reply #5 on: January 08, 2011, 07:04:30 pm »

SMF has the ability to batch delete based on a search 20 at a time.  And I get bored.  :P

We're going to start with people that have registered but never logged in.

And yes, there are backups.  :)
greyback
Administrator
Hero Member
« Reply #6 on: January 09, 2011, 05:15:26 pm »

I've updated the forum to the latest release, but I saw nothing which could fix a security hole. It's possible there is a mis-configuration, but I'll see about another anti-spam technology.

I think these dud accounts should just be deleted. It can be done directly via the database.
-G
heyrick
Global Moderator
Sr. Member
« Reply #7 on: January 10, 2011, 07:43:01 am »

I concur with greyback... do you really want to try to nuke a staggering number of dud users twenty at a time? What you do... you'll have to do over and over nearly 2000 times. You aren't called Yuki Nagato are you? ;)

It is an SQL database, right? Ought to be easier to:
  1. Make a trivial posting with the admin account (so it isn't a zero-post one).
  2. Find the incantation to select all the zero-post accounts.
  3. Pull them to a file on disc (just in case one or two were real, they could be restored).

Mmm...


Best wishes,

Rick.
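
Added example (not part of any post in this thread, and not SMF's own code): the export-then-delete cleanup discussed in replies #4 to #7, run against an in-memory SQLite database. The `members` table, its column names and the sample rows are assumptions made up for illustration and do not reflect SMF's actual schema; the selection rule combines the thread's criteria (zero posts, never logged in, registered over a week ago).

```python
import csv
import sqlite3

WEEK = 7 * 24 * 3600
NOW = 1294617600  # constructed "current time" (2011-01-10 00:00 UTC)

# Hypothetical table for illustration; not SMF's actual schema.
SCHEMA = """CREATE TABLE members (
    id INTEGER PRIMARY KEY, name TEXT, posts INTEGER,
    last_login INTEGER,  -- Unix time, 0 = never logged in
    registered INTEGER,  -- Unix time
    website_url TEXT)"""

# Constructed sample rows.
SAMPLE = [
    (1, "admin", 1, NOW - 60, 1200000000, ""),        # made its one trivial post
    (2, "regular", 12, NOW - 86400, 1250000000, ""),
    (3, "lurker", 0, NOW - 86400, 1260000000, ""),    # reads only, but has logged in
    (4, "bot_a", 0, 0, 1293000000, "http://spam.example/"),
    (5, "bot_b", 0, 0, 1293500000, ""),
    (6, "newcomer", 0, 0, NOW - 3600, ""),            # under a week old
]

def build_demo():
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    conn.executemany("INSERT INTO members VALUES (?,?,?,?,?,?)", SAMPLE)
    conn.commit()
    return conn

def purge_duds(conn, now, backup):
    """Write dud accounts to `backup` as CSV, then delete exactly those rows."""
    cur = conn.execute(
        "SELECT * FROM members WHERE posts = 0 AND last_login = 0 "
        "AND registered < ? ORDER BY id", (now - WEEK,))
    rows = cur.fetchall()
    writer = csv.writer(backup)
    writer.writerow([col[0] for col in cur.description])
    writer.writerows(rows)
    # Delete by exported id, so nothing is removed that is not in the backup.
    with conn:  # single transaction: all deletions commit together or roll back
        conn.executemany("DELETE FROM members WHERE id = ?", [(r[0],) for r in rows])
    return [r[0] for r in rows]

if __name__ == "__main__":
    import sys
    print("deleted ids:", purge_duds(build_demo(), NOW, sys.stdout))
```

The CSV keeps every column of each removed row, so an account that turns out to be real can be re-inserted from the file.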