|
|
| Author |
Message |
Jason
SearchIRC Developer
Joined: 03 May 2003
Posts: 1486
Location: Tampa, FL
|
 Posted: Apr 21, 2008 6:48pm Post subject: |
 |
|
| The new changes seem to be working well. Only 4 new users signed up since it went in, and none are robots. I changed some of the links (from mode=register to mode=Pregister), but the spambots didn't even flinch. They follow all the hyperlinks on the register page, and fill out the form when they see it. So by changing the hyperlinks into a form, they are now lost :) |
|
| Back to top |
|
 |
greg27
Idler
Joined: 07 Oct 2006
Posts: 255
Location: Australia
|
| Posted: Apr 21, 2008 7:39pm Post subject: |
|
|
silly spambots  |
|
| Back to top |
|
|
PingBad
Post Whore
Joined: 05 Feb 2005
Posts: 3001
Location: New Zealand
|
| Posted: Apr 21, 2008 11:53pm Post subject: |
|
|
| greg27 wrote: | you could give the honeypot form field a try - if the bots weren't coded specifically for sirc it should help.
create a new textbox on the register page and name it something like 'url'. use css to hide it from people (display:none). before creating an account for a new user, check to see if this textbox is empty - if it isn't, it is likely a bot. |
I heavily doubt this would work. I have coded automated form submission bots previously (to automate tasks in a few web projects of mine) - and a common trick is to just send a GET request with the form data already filled in (ie: don't even request the signup page, just make it act like you did). Okay, a few rough-and-ready spambots might request the registration form, grep/wildcard-match the input fields and attempt to fill them in based on their name= value - but some more advanced ones already know what to put in for each name= (doesn't take a genius to spot that a <input type="text" name="user" /> tag is a spot for a requested username  ) |
|
| Back to top |
|
|
Snerf
Newbie
Joined: 15 Sep 2004
Posts: 75
Location: IRC
|
| Posted: Apr 23, 2008 12:30am Post subject: |
|
|
You would really think that the image verification would stop a lot of it?
Unless that was recently added. |
|
| Back to top |
|
|
Jobe
Eleet
Joined: 30 Jul 2006
Posts: 526
Location: Lurking in the shadows of some random channel!
|
| Posted: Apr 23, 2008 6:27am Post subject: |
|
|
| Snerf wrote: | You would really think that the image verification would stop a lot of it?
Unless that was recently added. |
Sadly phpBB2's image verification is known for being incredibly easy for spam bots to bypass. And from looking at the current CAPTCHA image, the current implementation is one of the easiest for bots  |
|
| Back to top |
|
|
Jason
SearchIRC Developer
Joined: 03 May 2003
Posts: 1486
Location: Tampa, FL
|
| Posted: Apr 23, 2008 7:01am Post subject: |
|
|
| Even google and hotmail's capatcha are currently being defeated. And google's skewed letters are sometimes difficult to make out for a human... |
|
| Back to top |
|
|
Jobe
Eleet
Joined: 30 Jul 2006
Posts: 526
Location: Lurking in the shadows of some random channel!
|
| Posted: Apr 23, 2008 9:04am Post subject: |
|
|
| About the only CAPTCHA I've seen that spam bots have incredible difficulty with is vBulletin's with most of the complexity options on (still readable by users too) |
|
| Back to top |
|
|
Snerf
Newbie
Joined: 15 Sep 2004
Posts: 75
Location: IRC
|
| Posted: Apr 30, 2008 12:04am Post subject: |
|
|
| Wow, crazy what kind of time people spend writing these bots just to defeat these things. Makes you wonder if just writing your own type of image verification would make it better, since its not 'common code' then. |
|
| Back to top |
|
|
Jobe
Eleet
Joined: 30 Jul 2006
Posts: 526
Location: Lurking in the shadows of some random channel!
|
| Posted: Apr 30, 2008 7:48am Post subject: |
|
|
| More often then not, something really custom, and not plain, is enough, because anything that isn't standard usually means the bot runners need to right custom code of their own just for your forum. Which is a lot of work just to post 1 or 2 posts from their bot. |
|
| Back to top |
|
|
Mary
SearchIRC Admin
Joined: 03 May 2003
Posts: 696
|
| Posted: Apr 30, 2008 7:15pm Post subject: |
|
|
| The ironic thing is, most spam posts we delete are long lists of links that no one in their right mind would read. I think they are looking for linkbacks in order to raise their google ranking, rather than actually enticing anyone here to go look at their sites. |
|
| Back to top |
|
|
PingBad
Post Whore
Joined: 05 Feb 2005
Posts: 3001
Location: New Zealand
|
| Posted: Apr 30, 2008 9:24pm Post subject: |
|
|
should do them a favor and beat them to the punch on the first page  |
|
| Back to top |
|
|
Jason
SearchIRC Developer
Joined: 03 May 2003
Posts: 1486
Location: Tampa, FL
|
| Posted: May 01, 2008 5:28pm Post subject: |
|
|
 |
|
| Back to top |
|
|
PingBad
Post Whore
Joined: 05 Feb 2005
Posts: 3001
Location: New Zealand
|
| Posted: May 02, 2008 5:52am Post subject: |
|
|
| Sometimes, jason, I wonder what makes you tick... this is one of those times, and - frankly - I'm not sure I want to know |
|
| Back to top |
|
|
Xaphan
Newbie
Joined: 12 Feb 2007
Posts: 78
|
| Posted: May 02, 2008 11:51am Post subject: |
|
|
 |
|
| Back to top |
|
|
Jobe
Eleet
Joined: 30 Jul 2006
Posts: 526
Location: Lurking in the shadows of some random channel!
|
| Posted: May 02, 2008 12:08pm Post subject: |
|
|
I only have one thing to say at those cartoons:
LAWL |
|
| Back to top |
|
|
|
Register
Log in
