forum 6-29

Started by edkiefer, June 29, 2014, 07:52:12 PM

Previous topic - Next topic

edkiefer

I don't know who let the dogs out but today we got spammed by locksmith like no tomorrow , must of deleted like 50+ posts and they just kept reposting same crap .
I did notice it was only a few IP addresses but with many different names , I even gave few warnings but doubt that made any difference I think its some kind of bot/script .
Bitsum QA Engineer

BenYeeHua

Yup, just a improved bot/script, with the ability to having new email to register.
But funny/interesting that they are using the same IP over and over, it may showing it can be a servers that get hacked to run the script again and again.(Based on the Whois and IP, they are India, but the server is on Canada)
And I guess you just like me, found they are having the control under *@thewomenstore.us, right?

I think it should be stop, after you ban the email address. :)
---
Based on Google, they are just a spammer provider long time ago.
http://perishablepress.com/over-150-of-the-worst-spammers-scrapers-and-crackers-from-2007/

edkiefer

ok, I never banned anyone just so I know your saying to ban on there name (action>ban user) ?

Can we ban IP# or that might be bad if it not a single entity ?

PS: I didn't look into IP#, just noticed there was a lot of sharing (multiple spammers on 1 IP ) .

Maybe Jeremy can add those to blacklist so they get blocked ?
Bitsum QA Engineer

BenYeeHua

It is another moderator "hanemach_gt" Ban their email, sorry for that. ;D

And yes, we can ban the IP, but it only works if it is really a servers that running script, and it is not using CDN.
(I think just a spam servers should not having the ability to use CDN to browsing other website. ::))

Nope, Jeremy don't need to add to the server blacklist to block them, except they are just a stupid script that don't learning when to stop, after it found we has ban them on the forum.

And, it is a good ways to testing the SSL performance too. ;D
Just kidding, except they keep continue doing this after they are ban on the forum(which only Jeremy know, by looking on the used server bandwidth), I think just a forum ban is enough. :)

edkiefer

Bitsum QA Engineer

hanemach_gt

I banned the domain *@*.thewomenstore.us yesterday, 90% of the ban log entries are coming from these e-mail addresses.
<img src="[url="http://imageshack.com/a/img913/7827/On37F9.gif"]http://imageshack.com/a/img913/7827/On37F9.gif[/url]"/>

edkiefer

ok, cool .
I was going to ask if there was a history log, but found it under moderator , that is handy to see trends on who you delete/ban .
Bitsum QA Engineer

BenYeeHua

Yup, and sometime I keep an eyes on special e-mail for the spammer, to see did it may keep creating new accounts to spam or not.
But it look like most of them just using brand new hotmail yahoo account(but sometimes they will use the same email to spam on the another forum too) etc to spam it, so in this case should be easy enough to solve it. :)

Jeremy Collake

Thanks for keeping an eye on this guys. Yes, I hit a bunch myself the other day after we got slammed. Together, we can keep this place half functioning.

I know I've been 'away' from the forums, but super active in development. Trust me, things are coming. I have cool new offerings, though they may come from another company.

Regardless, finally we'll be releasing more stuff soon. There's been a lot of chaos all around me, but despite that, I've got cool things done. It's just a matter of getting it out the door.
Software Engineer. Bitsum LLC.

BenYeeHua

Don't worry, at long as the server and the forum system are still working, it is not too hard to manage the bots. :)
Except some people that facing bug on Process Lasso that need a fix, we can still helps most people by workaround it, or find the real cause by the other software. ;)