July 14th, 2007, 03:20 PM
first post - hi all!
it is my first post on this website!
I spent 8 days looking in google to find this forum
very nice site.
see ya all
July 14th, 2007, 06:22 PM
July 15th, 2007, 02:35 PM
July 15th, 2007, 04:13 PM
Welcome jeremykGG hope you enjoy your stay here!
July 15th, 2007, 11:43 PM
OK, maybe I am not going to win the "Mr. Niceguy award this year?"
Check "position" entry ??????????
And from the "BollyWoodMantra" site:
It would that seem that young "jeremy" has his intro text jammed in an infinite do loop?
I have to kill this one out of deference to my Australian friends......... "Gidday" rather than "G'day"........... really!
Hello Mr. Spambot............ and goodbye
EDIT: Actually, this bot is a bit smarter than a lot we have to deal with. Please look at this membership and note how it subtly changes the text so that a straight pattern matching filter would be circumvented?
Last edited by nihil; July 15th, 2007 at 11:52 PM.
July 16th, 2007, 12:01 AM
haha nihil your a spoil sport >.<
hey! check out the post im ABOUT to post in something like random discussions. ill title it "Google Yourself" check it out
July 16th, 2007, 10:10 AM
The current trend seems to be developing towards spamming forums, blogs, and social networking (Myspace etc.) sites.
I have yet to see anything informative on the infrastructure, methodology and economics of this activity.
Straight mail spam is pretty easy to figure:
You send 100,000 spams and get a 1% takeup. You make $50 on a transaction and you pay the spammer 1 cent per spam............ $50,000 - $1,000 = $49,000 profit. That's easy to figure out a business model with whatever numbers work for you. I guess you have to factor in the e-mail addy "harvesters" fees as well?
The thing with site spamming is that it is a much more drawn out process, as you actually have to create and validate an account that will only work once. Compare this to an e-mail addy that will work until the account is closed?
Also, given even the basic protections that site software provides, there has to be human input to get the registrations to work?
It is an interesting subject?
July 16th, 2007, 12:25 PM
VB has a feature where you can implement a security question which has helped me prevent bot registration successfully.
E.g. What is the third letter of the word: antionline.
If the answer is not t, then you can't register.
July 16th, 2007, 01:22 PM
That's an interesting suggestion. OK we have the obvious:
1. e-mail confirmation, where they have to provide a valid e-mail and respond to the welcome.
But they seem to get round those, which makes us suspect that the whole process must be partly human-supported?
A security question would be an additional layer, but would need to be complex and variable to avoid easy circumvention by a bot. By that I am suggesting that it would probably defend a specific site/group. However if a human looked at it they could determine the rules, and automate the response.
I guess that a lot of blocking is still down to manual verification. Hopefully the botmaster doesn't worry about the ones that fail so long as he is getting sufficient successes.
Another method is to measure the minimum amount of time that a real human would take to fill out the registration form. A bot will generally take far less than that so you bounce those applications.
July 16th, 2007, 01:36 PM
Bots are standardised per forum type.
So a VB Bot is programmed to respond to the email address verification field as each VB forum presents itself the same.
Captchas are easily circumvented by bots also.
So an option is an additional random security question.
Bots at present do not bypass these, so the only option would be human verification.
I'd suggest that bot writers don't care about the few that fail as long as there bot registers on 90% of forums.
Might be worth implementing and keeping an eye on the registrations.
By SwordFish_13 in forum AntiOnline's General Chit Chat
Last Post: April 5th, 2004, 04:40 AM
By w0lverine in forum Roll Call
Last Post: December 30th, 2003, 06:57 PM
By thirstybrain in forum Programming Security
Last Post: May 22nd, 2003, 07:27 AM
By Rewandythal in forum Non-Security Archives
Last Post: December 9th, 2001, 04:20 PM