DaniWeb Spam Attack - Page 2

Question

Dani 4,084 The Queen of DaniWeb

12 Years Ago

Huh?? Your IP isn't banned?

jingda commented: lol +0

BitBlt 452 Practically a Master Poster

12 Years Ago

Another new bad guy: reidgevew

What's the best way to report these? Most of them don't have posts to flag, they just have a zillion logons and profile updates.

Nick Evan commented: Thank you for helping out! +0

pritaeas commented: They're easy to spot in the weekly activity list +0

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

WaltP 2,905 Posting Sage w/ dash of thyme Team Colleague · Answer 1 · 2011-11-16T13:22:37+00:00

It's not the default. The default is blank. It just so happens to be the first item in the list though.

Then change it to Spammer. The bots will grab it and we'll know. A human won't and he'll be safe.

I think that most accounts are in stealth mode for a couple of months before posting, right??? Not really sure, it's not something we have the ability to track.

Another question, then:
What benefits do stealth (non-contributing) members have that non-members don't have? Is there a reason to sign up if one isn't going to post? From the member's and community standpoint, not the business standpoint.

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster · Answer 2 · 2011-11-16T15:44:56+00:00

How can we help Dani?

Just keep on reporting spam when you see it, using the flag bad post tool. It really does help us keep on top of things.

cwarn23 387 Occupation: Genius Team Colleague Featured Poster · Answer 3 · 2011-11-16T15:53:58+00:00

Another question, then:
What benefits do stealth (non-contributing) members have that non-members don't have? Is there a reason to sign up if one isn't going to post? From the member's and community standpoint, not the business standpoint.

PHP freaks asked the same question and concluded the reason being to subscribe to threads. People must like subscribing to threads if their willing to go all the way through the registration process just for that. I thought I would let you know, personally - I find the registration process too easy and is no wonder why bots are signing up. Perhaps you should make the registration process a little harder with validation such as 3rd party captcha and getting the user to answer a randomly selected IT question from a range of 500 IT questions in the database along with 10 possible answers for each question. It is a must to have at least 10 possible answers otherwise it is too easy for bots to guess. Also you can provide a google link for each question for those who don't know the answer. As I said, honestly the registration process is just too easy for everybody including the bots/guests.

Dani 4,084 The Queen of DaniWeb Administrator Featured Poster Premium Member · Answer 4 · 2011-11-16T20:56:13+00:00

We currently do a randomly selected ULTRA EASY IT-related question. However, questions like, "What is the seven-letter title of this website?" is not something a bot would ever be able to guess, as it's not like anything ever seen before on other Q&A captchas.

The Dude 944 Nearly a Senior Poster · Answer 5 · 2011-11-16T21:11:57+00:00

Yes Dani i can see how much you guys are securing the site...

I was trying to view AS A GUEST the other day and it said "Your IP addesss has been banned" (I quickly logged in and it went away :))

cwarn23 387 Occupation: Genius Team Colleague Featured Poster · Answer 6 · 2011-11-17T10:01:45+00:00

We currently do a randomly selected ULTRA EASY IT-related question. However, questions like, "What is the seven-letter title of this website?" is not something a bot would ever be able to guess, as it's not like anything ever seen before on other Q&A captchas.

Currently with the questions you have you don't have very many questions to send to the user and the way you choose the next question upon page refresh is a joke. I'll explain the changes which you should implement as a bot only needs to be programmed the answer to one question and keep on refreshing the page until that one question appears which isn't that many refreshes at the moment.
1) Get more questions. Perhaps between 150 and 250 questions will be plentiful.
2) Design an algorithm where the same question will not be shown twice until every question has been shown then the questions are randomly selected again. For example, record which questions have been shown and if the question occurs again then the server will need to select another question at random.

Following those two guidelines should help.

BobGreen 0 Newbie Poster · Answer 7 · 2011-11-17T12:46:38+00:00

The news is quiet about the hacking this week, but as a user of Facebook I realize all the hacking success has made me ask myself two things. One, Apple users can access Facebook and everyone says that Apple does not get attacks, so the onus is on the vulnerability of Windows. Second, who says that an Apple Mac cannot initiate hacking and viruses? For that matter Linux would be a good platform for releasing viruses and hacking. I'm tired of Windows being blamed for everything. Just a thought.

cwarn23 387 Occupation: Genius Team Colleague Featured Poster · Answer 8 · 2011-11-17T12:58:18+00:00

The news is quiet about the hacking this week, but as a user of Facebook I realize all the hacking success has made me ask myself two things. One, Apple users can access Facebook and everyone says that Apple does not get attacks, so the onus is on the vulnerability of Windows. Second, who says that an Apple Mac cannot initiate hacking and viruses? For that matter Linux would be a good platform for releasing viruses and hacking. I'm tired of Windows being blamed for everything. Just a thought.

Receiving brute force attacks and sending brute force attacks are two different things. In you quote you are saying that Linux would be the ideal platform for *sending* attacks where as windows is the ideal platform for *receiving* attacks. Also apple claims that it is *cough* not the *cough* ideal platform for *receiving* attacks. So there is a big difference between sending and receiving attacks weather it's the more common brute force attack like daniweb is to some degree experiencing or an algorithmic attack which is able to decipher the circumstances and implement a hack based on the situation.

The Dude 944 Nearly a Senior Poster · Answer 9 · 2011-11-17T13:44:21+00:00

Huh?? Your IP isn't banned?

Yes im thankful it isnt,i must have been caught up in David's spam trap (Which must look @ guest browsing of the site)

adam_k 239 Master Poster · Answer 10 · 2011-11-18T04:01:48+00:00

Yes im thankful it isnt,i must have been caught up in David's spam trap (Which must look @ guest browsing of the site)

Bye bye quick reply, hello silly question.

PS: The random question I got for this post is "Are you human?". If no isn't the correct answer then I'm gonna sue somebody for discrimination ;)

PS2: I know it's not a joke, but I'm just being silly.

Dani 4,084 The Queen of DaniWeb Administrator Featured Poster Premium Member · Answer 11 · 2011-11-18T04:39:43+00:00

Umm ... You shouldn't be getting silly questions? And you SHOULD be seeing quick reply?

Ezzaral 2,714 Posting Sage Team Colleague Featured Poster · Answer 12 · 2011-11-18T04:41:11+00:00

Ardav posted a similar experience here: http://www.daniweb.com/community-center/daniweb-community-feedback/threads/394976

Dani 4,084 The Queen of DaniWeb Administrator Featured Poster Premium Member · Answer 13 · 2011-11-18T04:41:31+00:00

Dani 4,084 The Queen of DaniWeb

12 Years Ago

Ooh, nevermind, I figured out what happened. Will fix :)

BitBlt 452 Practically a Master Poster Featured Poster · Answer 14 · 2011-11-18T05:29:16+00:00

BitBlt 452 Practically a Master Poster

12 Years Ago

Foo...double posted...I'm not a spammer, I swear! Look at the next post!

:(

Edited 12 Years Ago by BitBlt because: n/a

WaltP 2,905 Posting Sage w/ dash of thyme Team Colleague · Answer 15 · 2011-11-18T06:58:42+00:00

Post their member number here. Then we can find his head with the 2x4.

The Dude 944 Nearly a Senior Poster · Answer 16 · 2011-11-19T18:31:14+00:00

The Dude 944 Nearly a Senior Poster

12 Years Ago

It would be nice getting things taken care of for sure :)

Edited 12 Years Ago by The Dude because: n/a

BitBlt 452 Practically a Master Poster Featured Poster · Answer 17 · 2011-11-23T00:55:11+00:00

Post their member number here. Then we can find his head with the 2x4.

Okay, here's one for you: sleeraliaiday -- 924991

And another: Offisbusesics -- 924989

adam_k 239 Master Poster · Answer 18 · 2011-11-23T02:01:54+00:00

I was wondering how you search for them and came accross a couple:
http://www.daniweb.com/members/Cedsferie/925539
http://www.daniweb.com/members/GajiAccutan/925534

I'd say it's safe to assume they are spam bots when their Computer Specs and OS Flavor is Man.

Ezzaral 2,714 Posting Sage Team Colleague Featured Poster · Answer 19 · 2011-11-23T02:04:02+00:00

Ezzaral 2,714 Posting Sage

12 Years Ago

Yep, those are definitely spammers.

Edit: were spammers ;)

Edited 12 Years Ago by Ezzaral because: n/a

WaltP 2,905 Posting Sage w/ dash of thyme Team Colleague · Answer 20 · 2011-11-23T07:59:16+00:00

WaltP 2,905 Posting Sage w/ dash of thyme

12 Years Ago

Kapow!!! Ezzaral the Conqueror Strikes!

Netcode 33 Veteran Poster · Answer 21 · 2011-11-25T20:35:25+00:00

Currently with the questions you have you don't have very many questions to send to the user and the way you choose the next question upon page refresh is a joke.

Mind you that when there are too many questions to be answered before a signup, it may force the innocent human to discontinue the registration process.

cwarn23 387 Occupation: Genius Team Colleague Featured Poster · Answer 22 · 2011-11-26T11:54:01+00:00

Mind you that when there are too many questions to be answered before a signup, it may force the innocent human to discontinue the registration process.

That is why there should be one or two *good* questions that bots can't answer but innocent humans can easily answer. Currently there are just a couple of questions that repeatedly get asked so all a bot has to do is keep on refreshing the page until it gets the question it wants. Doesn't sound like a good system if you ask me when there are only about 10 questions to loop through.

Dani 4,084 The Queen of DaniWeb Administrator Featured Poster Premium Member · Answer 23 · 2011-11-26T12:02:22+00:00

> Mind you that when there are too many questions to be answered before a signup, it may force the innocent human to discontinue the registration process.

The registration process hasn't changed in about a year. We've had Q&A verification since reCAPTCHA was compromised quite a long while ago now.

> Doesn't sound like a good system if you ask me when there are only about 10 questions to loop through.

I'm not going to say how many in potentially mixed company, but there are quite a handful more than 10 questions ;) However, the main point is that just the fact that the questions ARE unique to DaniWeb means that someone needs to go out of their way to program a bot to answer any of our questions. The majority of our spam attacks are targeting vBulletin forums en masse.

crunchie 990 Most Valuable Poster Team Colleague Featured Poster · Answer 24 · 2011-11-26T13:53:33+00:00

Maybe we should have multiple questions up front instead of the one only?

diafol · Answer 25 · 2011-11-26T15:16:06+00:00

Looking at activity points for the week, it seems the top 5 or so are all spammers. They've been banned anyway. Why are their stats still up on the board? Looks like all their posts have been wiped.

crunchie 990 Most Valuable Poster Team Colleague Featured Poster · Answer 26 · 2011-11-26T15:22:58+00:00

Yeah, I been busy banning them and get no cred :(. It's a hard life being a Mod. Just as well the pay is good :icon_mrgreen:

cwarn23 387 Occupation: Genius Team Colleague Featured Poster · Answer 27 · 2011-11-26T18:09:39+00:00

> Mind you that when there are too many questions to be answered before a signup, it may force the innocent human to discontinue the registration process.
The registration process hasn't changed in about a year. We've had Q&A verification since reCAPTCHA was compromised quite a long while ago now.
> Doesn't sound like a good system if you ask me when there are only about 10 questions to loop through.
I'm not going to say how many in potentially mixed company, but there are quite a handful more than 10 questions ;) However, the main point is that just the fact that the questions ARE unique to DaniWeb means that someone needs to go out of their way to program a bot to answer any of our questions. The majority of our spam attacks are targeting vBulletin forums en masse.

Then dani, could you try a random question 3 times below each other with three answers where all three questions must be correct. Two of the questions can be random questions from the existing random question system and the third can be a math question. That means to write a bot to crack the system you get 3 to power of X probability of being cracked instead of 1^X probability where X is the number of questions. I believe that will stop any bot. In case you want an example, here it is.

What is the first letter in the word daniweb?
Answer [ insert here ]

What does www stand for?
Answer [ insert here ]

In math, what is the answer to 10x4.3?
Answer [ insert here ]

That should stop any spam bot no matter what the complexity of custom bots provided you enter in enough questions. In this sample the first two questions share the same database of questions of at least 200 questions and the math questions is just a database of 100 questions. That would make the factor of decoding 1 in 3^500 which is a lot. Only python could count that. So give my theory a try and see how it works.

crunchie 990 Most Valuable Poster Team Colleague Featured Poster · Answer 28 · 2011-11-26T18:18:36+00:00

Please :). I have lost count on how many accounts I have banned today.