Text only | Text with Images

Bitsum Community Forum

Release Announcements => Archived announcements => Topic started by: BenYeeHua on July 19, 2014, 07:37:22 PM

Title: About ads spam
Post by: BenYeeHua on July 19, 2014, 07:37:22 PM
Look like they has a similar IP address, if they keep spamming, you may wanna add the IP range into the Ban list Temporary.

And, remember to choose"Ban will expire after: x day(s)" as the IP should be dynamic IP, except you believe that it is Static IP, or that guy rarely disconnect his modem. :)
For how many days it should be, I think 3 days should be enough, if the same IP address keep showing up again, then ban the IP a week, then a month, not recommend ban the IP address more than 1 month.
Except you believe it is a Static IP, then the expires should be 3 days, a week, a month, a year.
PS:You can also just ban it a week, it should not be a issues.

If you wanna share or say something about ads spam, just reply here. ;)
Title: Re: About ads spam
Post by: BenYeeHua on July 20, 2014, 03:13:10 PM
I has added 2 ban trigger, which is:
1.*+*@gmail.com
2.*.*.*@gmail.com

If you believe this will affect normal user, please:
1.Disable it
2.Make the trigger better

And inform me. :)
---
And yup, don't add *.*@gmail.com, or our Jeremy(jeremy.collake) will not allowed to login. ::)
---
As the + is Regular expression, and less spam will use this, so I removed it.
---
Changed it to *.*.*.*@gmail.com, as it look like not much people will only add 1-2 dots to bypass the trigger or filter.
Title: Re: About ads spam
Post by: BenYeeHua on August 03, 2014, 03:54:11 PM
As you may know, I has start banning many server bot(and some of them are mostly VPN, and I named it as VPN), but because of my mistake, some of the IP range is not banning completely.
So if you found it, you can just fix the IP range directly, or tell me, and I will fix it later. :)
----
And ya, if you having some free time, please check some server IP range, and disable+report to me if it is used for VPN/Normal user.
Title: Re: About ads spam
Post by: Jeremy Collake on August 03, 2014, 04:04:15 PM
I appreciate your efforts!

Honestly, I don't have time to keep track of forum registrations. I've got so much else to do.

If you even *think* any bans may be a problem with regular users, I recommend not using them - better to be safe than sorry. Bans are rarely effective against spam bots and human spammers, but often hit regular users.
Title: Re: About ads spam
Post by: BenYeeHua on August 03, 2014, 04:16:07 PM
Quote from: support on August 03, 2014, 04:04:15 PM
I appreciate your efforts!

Honestly, I don't have time to keep track of forum registrations. I've got so much else to do.

If you even *think* any bans may be a problem with regular users, I recommend not using them - better to be safe than sorry. Bans are rarely effective against spam bots and human spammers, but often hit regular users.
Ya, I had check some IP address to see did there is normal user or not, or even spam bot.
If it is, then I will just disable the ban, or just split it to VPN user and hosting server bot if I has the time.

And ya, I mark it as rare/normal/high active etc., so if there is at least a VPN user reporting about the ban, and it is not high active(so far only colocrossing is on the list), then just disable it. :)
-----
Anyways, if any admins wanna start ban the server IP address, here is the tools.
http://tools.whois.net/whoisbyip/ (http://tools.whois.net/whoisbyip/)
http://bgp.he.net/ (http://bgp.he.net/)
https://www.cidrcalculator.com/ipv4/cidr-to-ip-range-bulk/?cy=USD (https://www.cidrcalculator.com/ipv4/cidr-to-ip-range-bulk/?cy=USD)

Check the whois of the IP first, then you will found the keywords.
Then find at the BGP, you will get the list of the keywords, better not using the IP that is showing inside the ASXXXXX, as it is not complete IP range, but you can use it as a compare, as some of them might not under the company name now.
Last, just copy the list, use notepad++ etc to remove the words like country and company name, then you can start find the IP range and ban it, most of the time it is split to a few part, so you can just find the min and max range, and write it as xx.xx-xx.* :)

Of cause, I will suggest you to check the IP, except the IP range is too much, normally it should has time to check for it.
Title: Re: About ads spam
Post by: BenYeeHua on August 03, 2014, 04:19:00 PM
And ya, funny facts, they still log-in to their old account even it is banned. ;D
For example.
https://bitsum.com/forum/index.php?action=profile;u=7882
Title: Re: About ads spam
Post by: BenYeeHua on August 06, 2014, 03:33:42 PM
This is some part of IP range from Nobis, some bots hosting there as they has a huge list of IP address.
I only ban large part of the IP range like x.*.*.*, if you found there are more bot spam with x.x.*.* which is small IP range, you can just take from here, and ban it. :)
Code Select
23.19.*.*
23.83.0-207.*
23.104-110.*.*
23.111.249-251.*
23.224-225.*.*
23.226.48-63.*
23.235.128-255.*
64.120.1-127.*
67.201.0-7.*
67.201.48-49.*
69.31.107.*
69.147.224-255.*
69.174.60-63.*
70.32.32-47.*
72.37.204.*
72.37.221.*
72.37.222-223.*
72.37.224-231.*
72.37.237.*
72.37.242-243.*
72.37.246-247.*
74.113.144.*
108.62.0-254.*
108.171.33-63.*
108.177.128-255.*
108.187.*.*
142.91.*.*
142.234.*.*
147.255.*.*
162.209.128-232.*
162.209.234*
162.209.237*
162.209.238*
162.222.68-71.*
162.246.185.*
162.246.186.*
167.160.116.*
172.240.*.*
172.241.*.*
172.247.*.*
172.255.*.*
173.208.0-127.*
173.234.*.*
174.34.128-190.*
192.151.236-239.*
192.161.80-95.*
192.163.160-191.*
192.229.64-127.*
192.238.128-255.*
192.253.242-.246.*
196.45.112-115.*
198.48.96-99.*
198.48.100-115.*
216.6.224-239.*
Title: Re: About ads spam
Post by: edkiefer on August 06, 2014, 04:13:35 PM
whatever your doing seems to be working .
much less spamming lately .
Title: Re: About ads spam
Post by: BenYeeHua on August 07, 2014, 10:05:38 AM
Yup, but I hope I don't ban the wrong server, and make sure I don't ban the ISP for normal user.

And I still has 1 way to reduce the wrong ban, which is allow the register/only disallow post, so if they register, I can check the account and see did it is having ads on their account or not, then I will know it is normal user or not.
But I think I will only do that if it is largely a VPN server IP range.
Title: Re: About ads spam
Post by: BenYeeHua on August 08, 2014, 11:31:37 PM
Just check awhile for Ban log and the email to see did there is any normal user, look like OVH Hosting is having most stupid bot ever, which try to register again and again and again and again, and sadly he can only spam the Ban log. ;)
----
Reminder for myself, not ban completely yet, some bot still register from the server, and only ban TOT public company limited.
http://bgp.he.net/AS50915#_prefixes (http://bgp.he.net/AS50915#_prefixes)
http://bgp.he.net/AS21479#_prefixes (http://bgp.he.net/AS21479#_prefixes)
http://bgp.he.net/AS6876#_prefixes (http://bgp.he.net/AS6876#_prefixes)
http://bgp.he.net/AS20860#_prefixes (http://bgp.he.net/AS20860#_prefixes)
http://bgp.he.net/AS53889#_prefixes (http://bgp.he.net/AS53889#_prefixes)
http://bgp.he.net/AS23699#_prefixes (http://bgp.he.net/AS23699#_prefixes)

http://bgp.he.net/AS9737#_prefixes (http://bgp.he.net/AS9737#_prefixes)

MS, only ban this when has time.
http://bgp.he.net/AS8075#_prefixes (http://bgp.he.net/AS8075#_prefixes)
Text only | Text with Images