1619 posts
Posted 24 November 2012 - 07:22 PM
I have no idea why, but lately we've been getting a TON of spammers. I have some theories on why, but they're not important. Anyways, we need to stop it. I propose that Cloudy or dan put a lockdown on ALL ACCOUNT CREATION for 30 days. Either that or we find a way to stop them. Leave any other ideas in the comments, because frankly, I don't want us to have to do this, ESPECIALLY with dan at Minecon getting us tons of members. Please +1 to support, or leave a comment with a better idea to stop these spammers.
Oh and if you're a spammer:
1619 posts
Posted 24 November 2012 - 07:32 PM
Who wants to hear my theory? I'm quite surprised no one has thought of it before. Hmm, who is the enemy of CC Forums, who had an episode a couple of months ago, and who has experience with hacking. Mecha, if you don't know the answer to this one, I don't know what to say. ;)/>/>
1619 posts
Posted 24 November 2012 - 07:37 PM
Problem with suggestion 4: Who would've guessed we'd get a spam post with the word "kitchen" in it?
1619 posts
Posted 24 November 2012 - 07:43 PM
Deathx103… ;)/>/>/> I doubt he'd be back… not after the destruction I left him with. and dlcruz I don't know. xD
Well, I think its worth looking into, perhaps we should trace IPs?
1111 posts
Location
Portland OR
Posted 24 November 2012 - 07:45 PM
You can change your IP addy, they should start doing ban's against the MAC's addresses.
1214 posts
Location
The Sammich Kingdom
Posted 24 November 2012 - 07:51 PM
You can change your IP addy, they should start doing ban's against the MAC's addresses.
I thought only the modems store the MAC addresses?
Who wants to hear my theory? I'm quite surprised no one has thought of it before. Hmm, who is the enemy of CC Forums, who had an episode a couple of months ago, and who has experience with hacking. Mecha, if you don't know the answer to this one, I don't know what to say. ;)/>/>/>
Don't come up and accuse Mk of shit. All hackers hate spammers.
1111 posts
Location
Portland OR
Posted 24 November 2012 - 07:54 PM
You can change your IP addy, they should start doing ban's against the MAC's addresses.
I thought only the modems store the MAC addresses?
There are ways to get it. Some game servers allow to ban based on the MAC Hash, as well as some voice chat servers that I have ran in the past. Not sure if the forums has that ability or not though.
1214 posts
Location
The Sammich Kingdom
Posted 24 November 2012 - 07:56 PM
You can change your IP addy, they should start doing ban's against the MAC's addresses.
I thought only the modems store the MAC addresses?
There are ways to get it. Some game servers allow to ban based on the MAC Hash, as well as some voice chat servers that I have ran in the past. Not sure if the forums has that ability or not though.
You can still not trace the MAC address through a proxy. You will only get the proxy's MAC address.
1619 posts
Posted 24 November 2012 - 08:22 PM
I believe there is a possibility this hacker is using a botnet to bounce his connection, if so… we might not be able to stop him without extreme measures.
Which is why I proposed a lockdown on account creation. So, back to square one for us.
Possible good news: I just asked cloudy/dan if there is any chance of me getting mod to stop these spammers. Perhaps I can just run around with ma shinee new ban hamma. ;)/>/>
1214 posts
Location
The Sammich Kingdom
Posted 24 November 2012 - 08:39 PM
I believe there is a possibility this hacker is using a botnet to bounce his connection, if so… we might not be able to stop him without extreme measures.
Which is why I proposed a lockdown on account creation. So, back to square one for us. Possible good news: I just asked cloudy/dan if there is any chance of me getting mod to stop these spammers. Perhaps I can just run around with ma shinee new ban hamma. ;)/>/>/>
A person with 144 posts should not get mod. I have reported about 50 posts.
1619 posts
Posted 24 November 2012 - 08:44 PM
I believe there is a possibility this hacker is using a botnet to bounce his connection, if so… we might not be able to stop him without extreme measures.
Which is why I proposed a lockdown on account creation. So, back to square one for us. Possible good news: I just asked cloudy/dan if there is any chance of me getting mod to stop these spammers. Perhaps I can just run around with ma shinee new ban hamma. ;)/>/>/>/>
A person with 144 posts should not get mod. I have reported about 50 posts.
It's worth a shot. You're welcome to apply, too.
1214 posts
Location
The Sammich Kingdom
Posted 24 November 2012 - 08:45 PM
I believe there is a possibility this hacker is using a botnet to bounce his connection, if so… we might not be able to stop him without extreme measures.
Which is why I proposed a lockdown on account creation. So, back to square one for us. Possible good news: I just asked cloudy/dan if there is any chance of me getting mod to stop these spammers. Perhaps I can just run around with ma shinee new ban hamma. ;)/>/>/>/>/>
A person with 144 posts should not get mod. I have reported about 50 posts.
It's worth a shot. You're welcome to apply, too.
Tell me where the apply button is.
389 posts
Location
Norway
Posted 24 November 2012 - 09:01 PM
I believe there is a possibility this hacker is using a botnet to bounce his connection, if so… we might not be able to stop him without extreme measures.
Which is why I proposed a lockdown on account creation. So, back to square one for us. Possible good news: I just asked cloudy/dan if there is any chance of me getting mod to stop these spammers. Perhaps I can just run around with ma shinee new ban hamma. ;)/>/>/>/>
A person with 144 posts should not get mod. I have reported about 50 posts.
You do know that i got moderator status with 90 posts and 0 reports right? -_-/>/>/> it's about trust, not post count
Suggestion #1: Make Email Accounts REQUIRE VERIFICATION before logging in for the first time. -snip- :P/>/>/>/>
Email verification is turned on :/
1619 posts
Posted 24 November 2012 - 09:09 PM
I believe there is a possibility this hacker is using a botnet to bounce his connection, if so… we might not be able to stop him without extreme measures.
Which is why I proposed a lockdown on account creation. So, back to square one for us. Possible good news: I just asked cloudy/dan if there is any chance of me getting mod to stop these spammers. Perhaps I can just run around with ma shinee new ban hamma. ;)/>/>/>/>/>/>
A person with 144 posts should not get mod. I have reported about 50 posts.
It's worth a shot. You're welcome to apply, too.
Tell me where the apply button is.
Don't think there is one, I PM'ed Cloudy and Dan.
I believe there is a possibility this hacker is using a botnet to bounce his connection, if so… we might not be able to stop him without extreme measures.
Which is why I proposed a lockdown on account creation. So, back to square one for us. Possible good news: I just asked cloudy/dan if there is any chance of me getting mod to stop these spammers. Perhaps I can just run around with ma shinee new ban hamma. -_-/>/>/>/>/>
A person with 144 posts should not get mod. I have reported about 50 posts.
You do know that i got moderator status with 90 posts and 0 reports right? :P/>/>/>/> it's about trust, not post count.
That's reassuring. Thx.
1214 posts
Location
The Sammich Kingdom
Posted 24 November 2012 - 09:36 PM
I believe there is a possibility this hacker is using a botnet to bounce his connection, if so… we might not be able to stop him without extreme measures.
Which is why I proposed a lockdown on account creation. So, back to square one for us. Possible good news: I just asked cloudy/dan if there is any chance of me getting mod to stop these spammers. Perhaps I can just run around with ma shinee new ban hamma. ;)/>/>/>/>/>
A person with 144 posts should not get mod. I have reported about 50 posts.
You do know that i got moderator status with 90 posts and 0 reports right? -_-/>/>/>/> it's about trust, not post count
Suggestion #1: Make Email Accounts REQUIRE VERIFICATION before logging in for the first time. -snip- :P/>/>/>/>/>
Email verification is turned on :/
I realize it is about trust but, somebody who acts like a little kid(IMO) should not be mod.
686 posts
Posted 24 November 2012 - 10:23 PM
Holy cats there are a lot of people in this thread that don't understand how things work.
1) They are not "hackers", they're commercial spambots used by shady advertisers of the same ilk as those that send out email spam.
2) Tracing IPs won't help, they use a botnet and/or forged IP headers.
3) You can't get MAC addresses over the internet. You'll just see the MAC of the last switch to transmit the frame. Games that use MAC banning send the MAC address through the game itself.
4) Email verfication doesn't stop spambots either. And no, you can't track who created the emails either, unless you're the FBI. Even then you'd have difficulty.
5) There are groups out there like spamblacklist that publish a list of known spam originator IPs. Whether there are plugins for this forum for that or not, I'm unsure. Personally I don't feel they're that effective.
6) Blocking by keyword would be a good option, but I don't think there's a plugin for that. I could be wrong though.
1214 posts
Location
The Sammich Kingdom
Posted 24 November 2012 - 10:26 PM
Holy cats there are a lot of people in this thread that don't understand how things work. 1) They are not "hackers", they're commercial spambots used by shady advertisers of the same ilk as those that send out email spam. 2) Tracing IPs won't help, they use a botnet and/or forged IP headers. 3) You can't get MAC addresses over the internet. You'll just see the MAC of the last switch to transmit the frame. Games that use MAC banning send the MAC address through the game itself. 4) Email verfication doesn't stop spambots either. And no, you can't track who created the emails either, unless you're the FBI. Even then you'd have difficulty. 5) There are groups out there like spamblacklist that publish a list of known spam originator IPs. Whether there are plugins for this forum for that or not, I'm unsure. Personally I don't feel they're that effective. 6) Blocking by keyword would be a good option, but I don't think there's a plugin for that. I could be wrong though.
You could modify IP Board to not allow posts with keywords like {"Viagra", "UGGS"}.
2447 posts
Posted 25 November 2012 - 03:00 AM
I have added a captcha and email verification - it doesn't actually seem like there are many new accounts being created, just old ones that were done before the issues. I'm going to IP ban most of the spammer IP's (as far as I'm concerned, if someone let their machine be compromised they deserve to be banned).
I will look into what else I can do.
Edit: I may be able to make things better - but I'll have to speak to dan to either get access or for him to upload a plugin - and that will have to wait until after Minecon.
1619 posts
Posted 25 November 2012 - 04:36 AM
I realize it is about trust but, somebody who acts like a little kid(IMO) should not be mod.
Excuse me? How very nice of you to be a douche, but the decision is Dan/cloudy's. By all means lets try the captcha first. If they get around it (as mecha believes they might), then Dan or cloudy will do what they think is necessary.
1619 posts
Posted 25 November 2012 - 04:37 AM
Holy cats there are a lot of people in this thread that don't understand how things work. 1) They are not "hackers", they're commercial spambots used by shady advertisers of the same ilk as those that send out email spam. 2) Tracing IPs won't help, they use a botnet and/or forged IP headers. 3) You can't get MAC addresses over the internet. You'll just see the MAC of the last switch to transmit the frame. Games that use MAC banning send the MAC address through the game itself. 4) Email verfication doesn't stop spambots either. And no, you can't track who created the emails either, unless you're the FBI. Even then you'd have difficulty. 5) There are groups out there like spamblacklist that publish a list of known spam originator IPs. Whether there are plugins for this forum for that or not, I'm unsure. Personally I don't feel they're that effective. 6) Blocking by keyword would be a good option, but I don't think there's a plugin for that. I could be wrong though.
You could modify IP Board to not allow posts with keywords like {"Viagra", "UGGS"}.
The problem is, one of the posts was about kitchen utensils?
1619 posts
Posted 25 November 2012 - 02:43 PM
We just got another spam about wireless routers. How the hell do we put a filter on that? I think our solution has to be more moderators.
3790 posts
Location
Lincoln, Nebraska
Posted 25 November 2012 - 03:12 PM
And obviously the captcha is not working as it's intended, or it would catch automated account generators. It seems that an individual might be doing this manually?
1619 posts
Posted 25 November 2012 - 04:15 PM
Mecha said it would be easy to hack. I think Dan should get reCaptcha, not even real people can read it. :D/>/>
1214 posts
Location
The Sammich Kingdom
Posted 25 November 2012 - 05:02 PM
It is old accounts being used. Maybe put a temp Captcha for every new post created?
180 posts
Posted 25 November 2012 - 05:11 PM
deCaptcha software (that cracks captchas for spammers) can solve wordpress captchas with a 76% success rate.
Unfortunately having a captcha for each new post would likely only lock out more humans than spammers :{
Edit: Wow, now that I check again, quite a few systems the software can crack with a 100% success rate. That is by far higher than a human can :/
3790 posts
Location
Lincoln, Nebraska
Posted 25 November 2012 - 06:49 PM
I would go so far as to suggest blocking new accounts until we get this shit sorted. Maybe even shutting down the site temporarily.
1619 posts
Posted 25 November 2012 - 06:50 PM
I would go so far as to suggest blocking new accounts until we get this shit sorted. Maybe even shutting down the site temporarily.
Blocking accounts: yes, but TEMPORARILY. Dan is at Minecon, remember? Shutting down the site: no. Way too overkill.
1619 posts
Posted 25 November 2012 - 06:54 PM
Snippity snip.
686 posts
Posted 25 November 2012 - 07:02 PM
I see at least 2 people in this thread that need a time out. Possible 3.
1619 posts
Posted 25 November 2012 - 07:30 PM
Woah. Did we take him out? Team ComputerCraft FTW!
389 posts
Location
Norway
Posted 25 November 2012 - 08:34 PM
Woah. Did
we take him out? Team ComputerCraft FTW!
yeah… IRC tried to kill me while i was streaming XD
3790 posts
Location
Lincoln, Nebraska
Posted 25 November 2012 - 08:43 PM
yeah… IRC tried to kill me while i was streaming XD
Sorry I bugged you while streaming. But it had to be done, and you just picked the short straw tonight.
389 posts
Location
Norway
Posted 25 November 2012 - 08:53 PM
yeah… IRC tried to kill me while i was streaming XD
Sorry I bugged you while streaming. But it had to be done, and you just picked the short straw tonight.
Heh, i dont mind, its my job anyway :D/>/>
1619 posts
Posted 26 November 2012 - 04:56 AM
It appears that Cruor has finally decided to make a sticky post about the spammers and how to deal with them xD horray!
Yeah, damn, that babylon guy was absolutely insane. Its weird how overnight the forums went from Utopia to mayhem.
<– Holy crap: I went up two ranks in a day from yelling at that spammer.
2447 posts
Posted 26 November 2012 - 06:00 AM
Babylon and coolkid were the same person using tor :D/>/>
I think they were probably a forum regular pissing about.
1619 posts
Posted 10 December 2012 - 05:56 PM
Yeah, I know, I'm bumping an old topic. But no progress whatsoever has been made to keeping the spammers off the forums. Anyone have any idea? This is pretty annoying, reporting 3 posts a day.
2447 posts
Posted 10 December 2012 - 08:00 PM
Yeah, I know, I'm bumping an old topic. But no progress whatsoever has been made to keeping the spammers off the forums. Anyone have any idea? This is pretty annoying, reporting 3 posts a day.
The spam problem isn't that bad. However thanks for reminding me.
3790 posts
Location
Lincoln, Nebraska
Posted 11 December 2012 - 05:55 AM
The spam problem isn't that bad. However thanks for reminding me.
-snip for said spam-
Oh really? Not that bad?
2217 posts
Location
3232235883
Posted 11 December 2012 - 06:21 AM
yea, those helmets and biochemical warehouse low-priced offers are getting really bad
all of the linked sites are fake and some try to use java exploits :s
EDIT:
were also getting
antispam adsmaby they are trying to spam us into buying their products .-.
3790 posts
Location
Lincoln, Nebraska
Posted 11 December 2012 - 08:27 AM
yea, those helmets and biochemical warehouse low-priced offers are getting really bad
all of the linked sites are fake and some try to use java exploits :s
EDIT:
were also getting
antispam adsmaby they are trying to spam us into buying their products .-.
No, it's that the ad provider for this site uses keywords on the site to provide ads. So if a page has cetain keywords like UGGS, and it is mentioned a lot, there will be ads for UGGS.
2217 posts
Location
3232235883
Posted 11 December 2012 - 08:29 AM
yea, those helmets and biochemical warehouse low-priced offers are getting really bad
all of the linked sites are fake and some try to use java exploits :s
EDIT:
were also getting
antispam adsmaby they are trying to spam us into buying their products .-.
No, it's that the ad provider for this site uses keywords on the site to provide ads. So if a page has cetain keywords like UGGS, and it is mentioned a lot, there will be ads for UGGS.
i know :P/>
i get paranoid sometimes >_>
seriously though
ban everything that contains exessive amounts of UGGS
18 posts
Posted 12 December 2012 - 01:15 AM
Ban the ips of the spammers?
Or even hold a several hour lock on new accounts for spam purposes?
Im not sure what spam u are talking about so i cant really suggest anything.
1619 posts
Posted 12 December 2012 - 04:19 AM
Ban the ips of the spammers?
Or even hold a several hour lock on new accounts for spam purposes?
Im not sure what spam u are talking about so i cant really suggest anything.
1. They use TOR, google it. (Make sure you click on Wikipedia :P/>)
2. They'll just come back.
3. We're talking about the completely random posts flooding the forums, most of them talking about boots.