Page 1 of 1

Spam botnets

Posted: 11 May 2013, 23:04
by brokenman
We are currently being attacked by spambots on a massive scale. Many sites are so this is nothing new. These attacks come from many countries and are getting smarter and smarter as time passes. I'd like to reach out to the community and ask for advice, suggestions and feedback on what you think the best way to prevent/minimize these attacks is.

They are attacking our registration page and occasionally bypassing all layers of security and registering, then posting spam. With a really smart botnet, there could potentially be a lot of spam posted overnight before an admin can get to remove them. Any suggestions on prevention/cure/minimization?

Is anybody dead against using captcha?

Re: Spam botnets

Posted: 12 May 2013, 01:21
by francois
I am still alive using captcha. I have survived. This might be a good method for registration of real users. : 8)

Re: Spam botnets

Posted: 12 May 2013, 01:28
by sean
I'm not opposed to using captcha.

Sean

Re: Spam botnets

Posted: 12 May 2013, 06:00
by crashman
captcha does not prevent intrusion, the spammers for this purpose have a script in php, but if use logical captcha type

"3+6=?" or "or how are is day today ?" is better method.

regards

Re: Spam botnets

Posted: 12 May 2013, 13:03
by Hamza
Please note that the attacks was at a level where the nullroute (drop requests) of whole countries was necessary to stop them. Fortunately, all countries are now able to access porteus.org without restrictions.

Here is a short list of countries used to bounce the attacks:
  1. China
  2. Ukraine
  3. United States
  4. Poland
  5. France
  6. Spain
  7. Canada
Thanks :)

Re: Spam botnets

Posted: 12 May 2013, 16:46
by crashman
My proposal add logical captcha in a login area, this method is the best in my opinion.

Re: Spam botnets

Posted: 14 May 2013, 00:45
by francois
The proposition of crashman seems to be the good one. I think that Tomas uses that procedure. There was a lot of spam on the slax site.

Re: Spam botnets

Posted: 14 May 2013, 01:05
by brokenman
I should mention that the present system cross checks IP's signing up against a database of known bots and abusers. If they are on this list they are presented with another layer of security captcha. If not then no captcha is shown. Bots are getting smarter and are now able to bypass or answer many simple captcha techniques.

Personally I'd hate to see the day when the user bears the work of having to prove themselves to be human by answering questions, scanning an eyeball and then dancing the macarena. I've seen captchas that make the user complete a jigsaw puzzle before being able to post a request. I think security should a users experience without hindering it. Having said that i vote for (the expected) captcha for ALL users, with no discrimination. Bot or human, everybody must answer a question. Thoughts?

Re: Spam botnets

Posted: 14 May 2013, 02:18
by Ahau
I vote for the Electric Slide rather than the Macarena. There's nothing resembling a latin beat in these hips, I'm afraid.

Re: Spam botnets

Posted: 14 May 2013, 12:17
by Tonio
A captcha may be good, but the spam bots have figured things out?
Some transcendental numbers, i.e, pi, e and the euler macheroni constant or the Golden Ratio to a certain decimal place? at random. So having combinations that are hard for the spambots to defeat is what is needed in my opinion, but random numbers are not so random after a while :( Computer algorithms defeat the purpose. Maybe spam removal by regular users to help out? if the spam bots hit the site.

Anyone else propose something else?

Re: Spam botnets

Posted: 14 May 2013, 14:39
by Hamza
Open all doors.

Re: Spam botnets

Posted: 15 May 2013, 01:15
by brokenman
open all doors
Not such a good idea. Did this once at a party with no authentication at the door ... the house got trashed.

Re: Spam botnets

Posted: 15 May 2013, 05:03
by Hamza
Yes but I didn't says that nothing will be behind the doors.

Re: Spam botnets

Posted: 15 May 2013, 17:39
by Blaze
Try to block spam bot via IP on phpbb3

Re: Spam botnets

Posted: 15 May 2013, 17:46
by Hamza
Why wait until they reach phpBB? I'm looking to blocks them at Ethernet port directly :D