0

It's not the default. The default is blank. It just so happens to be the first item in the list though.

Then change it to Spammer. The bots will grab it and we'll know. A human won't and he'll be safe.

I think that most accounts are in stealth mode for a couple of months before posting, right??? Not really sure, it's not something we have the ability to track.

Another question, then:
What benefits do stealth (non-contributing) members have that non-members don't have? Is there a reason to sign up if one isn't going to post? From the member's and community standpoint, not the business standpoint.

0

How can we help Dani?

Just keep on reporting spam when you see it, using the flag bad post tool. It really does help us keep on top of things.

0

Another question, then:
What benefits do stealth (non-contributing) members have that non-members don't have? Is there a reason to sign up if one isn't going to post? From the member's and community standpoint, not the business standpoint.

PHP freaks asked the same question and concluded the reason being to subscribe to threads. People must like subscribing to threads if their willing to go all the way through the registration process just for that. I thought I would let you know, personally - I find the registration process too easy and is no wonder why bots are signing up. Perhaps you should make the registration process a little harder with validation such as 3rd party captcha and getting the user to answer a randomly selected IT question from a range of 500 IT questions in the database along with 10 possible answers for each question. It is a must to have at least 10 possible answers otherwise it is too easy for bots to guess. Also you can provide a google link for each question for those who don't know the answer. As I said, honestly the registration process is just too easy for everybody including the bots/guests.

0

We currently do a randomly selected ULTRA EASY IT-related question. However, questions like, "What is the seven-letter title of this website?" is not something a bot would ever be able to guess, as it's not like anything ever seen before on other Q&A captchas.

0

Yes Dani i can see how much you guys are securing the site...

I was trying to view AS A GUEST the other day and it said "Your IP addesss has been banned" (I quickly logged in and it went away :))

0

We currently do a randomly selected ULTRA EASY IT-related question. However, questions like, "What is the seven-letter title of this website?" is not something a bot would ever be able to guess, as it's not like anything ever seen before on other Q&A captchas.

Currently with the questions you have you don't have very many questions to send to the user and the way you choose the next question upon page refresh is a joke. I'll explain the changes which you should implement as a bot only needs to be programmed the answer to one question and keep on refreshing the page until that one question appears which isn't that many refreshes at the moment.
1) Get more questions. Perhaps between 150 and 250 questions will be plentiful.
2) Design an algorithm where the same question will not be shown twice until every question has been shown then the questions are randomly selected again. For example, record which questions have been shown and if the question occurs again then the server will need to select another question at random.

Following those two guidelines should help.

0

The news is quiet about the hacking this week, but as a user of Facebook I realize all the hacking success has made me ask myself two things. One, Apple users can access Facebook and everyone says that Apple does not get attacks, so the onus is on the vulnerability of Windows. Second, who says that an Apple Mac cannot initiate hacking and viruses? For that matter Linux would be a good platform for releasing viruses and hacking. I'm tired of Windows being blamed for everything. Just a thought.

0

The news is quiet about the hacking this week, but as a user of Facebook I realize all the hacking success has made me ask myself two things. One, Apple users can access Facebook and everyone says that Apple does not get attacks, so the onus is on the vulnerability of Windows. Second, who says that an Apple Mac cannot initiate hacking and viruses? For that matter Linux would be a good platform for releasing viruses and hacking. I'm tired of Windows being blamed for everything. Just a thought.

Receiving brute force attacks and sending brute force attacks are two different things. In you quote you are saying that Linux would be the ideal platform for *sending* attacks where as windows is the ideal platform for *receiving* attacks. Also apple claims that it is *cough* not the *cough* ideal platform for *receiving* attacks. So there is a big difference between sending and receiving attacks weather it's the more common brute force attack like daniweb is to some degree experiencing or an algorithmic attack which is able to decipher the circumstances and implement a hack based on the situation.

0

Huh?? Your IP isn't banned?

Yes im thankful it isnt,i must have been caught up in David's spam trap (Which must look @ guest browsing of the site)

0

Yes im thankful it isnt,i must have been caught up in David's spam trap (Which must look @ guest browsing of the site)

Bye bye quick reply, hello silly question.

PS: The random question I got for this post is "Are you human?". If no isn't the correct answer then I'm gonna sue somebody for discrimination ;)

PS2: I know it's not a joke, but I'm just being silly.

0

Foo...double posted...I'm not a spammer, I swear! Look at the next post!

:(

Edited by BitBlt: n/a

3

Another new bad guy: reidgevew

What's the best way to report these? Most of them don't have posts to flag, they just have a zillion logons and profile updates.

Votes + Comments
They're easy to spot in the weekly activity list
Thank you for helping out!
0

Post their member number here. Then we can find his head with the 2x4.

Okay, here's one for you: sleeraliaiday -- 924991

And another: Offisbusesics -- 924989

Edited by BitBlt: n/a

0

Currently with the questions you have you don't have very many questions to send to the user and the way you choose the next question upon page refresh is a joke.

Mind you that when there are too many questions to be answered before a signup, it may force the innocent human to discontinue the registration process.

0

Mind you that when there are too many questions to be answered before a signup, it may force the innocent human to discontinue the registration process.

That is why there should be one or two *good* questions that bots can't answer but innocent humans can easily answer. Currently there are just a couple of questions that repeatedly get asked so all a bot has to do is keep on refreshing the page until it gets the question it wants. Doesn't sound like a good system if you ask me when there are only about 10 questions to loop through.

Edited by cwarn23: n/a

0

> Mind you that when there are too many questions to be answered before a signup, it may force the innocent human to discontinue the registration process.

The registration process hasn't changed in about a year. We've had Q&A verification since reCAPTCHA was compromised quite a long while ago now.

> Doesn't sound like a good system if you ask me when there are only about 10 questions to loop through.

I'm not going to say how many in potentially mixed company, but there are quite a handful more than 10 questions ;) However, the main point is that just the fact that the questions ARE unique to DaniWeb means that someone needs to go out of their way to program a bot to answer any of our questions. The majority of our spam attacks are targeting vBulletin forums en masse.

0

Looking at activity points for the week, it seems the top 5 or so are all spammers. They've been banned anyway. Why are their stats still up on the board? Looks like all their posts have been wiped.

0

Yeah, I been busy banning them and get no cred :(. It's a hard life being a Mod. Just as well the pay is good :icon_mrgreen:

0

> Mind you that when there are too many questions to be answered before a signup, it may force the innocent human to discontinue the registration process.

The registration process hasn't changed in about a year. We've had Q&A verification since reCAPTCHA was compromised quite a long while ago now.

> Doesn't sound like a good system if you ask me when there are only about 10 questions to loop through.

I'm not going to say how many in potentially mixed company, but there are quite a handful more than 10 questions ;) However, the main point is that just the fact that the questions ARE unique to DaniWeb means that someone needs to go out of their way to program a bot to answer any of our questions. The majority of our spam attacks are targeting vBulletin forums en masse.

Then dani, could you try a random question 3 times below each other with three answers where all three questions must be correct. Two of the questions can be random questions from the existing random question system and the third can be a math question. That means to write a bot to crack the system you get 3 to power of X probability of being cracked instead of 1^X probability where X is the number of questions. I believe that will stop any bot. In case you want an example, here it is.

What is the first letter in the word daniweb?
Answer [ insert here ]

What does www stand for?
Answer [ insert here ]

In math, what is the answer to 10x4.3?
Answer [ insert here ]

That should stop any spam bot no matter what the complexity of custom bots provided you enter in enough questions. In this sample the first two questions share the same database of questions of at least 200 questions and the math questions is just a database of 100 questions. That would make the factor of decoding 1 in 3^500 which is a lot. Only python could count that. So give my theory a try and see how it works.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.