The Changing Mirror

[foggybottom]

It looks like Pynkveini who is posting in general transformation is also a spambot.

[Iggy]

Roland05 as well...wow, who let the bots out?

[TheoW]

Roland05 as well...wow, who let the bots out?

They seem to be going crazy tonight... time to break out the shotgun!

In the hopes of trying to limit the damage from these mass postings, I've but a 90 second delay between posts. I doubt most users will run into it, but it might slow the bots down a bit.

[Cinnamon Twist]

Malcolnfix

[greinskyn]

WOW!!!!!!!!!!!!

dislibedids

Is it personal to wage an attack like this?????

[greinskyn]

Also;

Spitteectinab

and

Jacqui73



Guess bringing out the shotgun is like shooting Zombies. The noise just brings more...

[jsmt]

Theo

It seems that we are under attack. I don't know a thing about phpbb but I suggest that you change the registration procedure to make it harder for the boots.

Here are some ideas that I read:

1. Change the default settings for the CAPTCHA
2. Implement an administrative question (one that only a human could answer, or that it is related to the site and have just one right answer).
3. reject users from -12 time zone.

The code an instructions for doing this are here:

http://area51.phpbb.com/phpBB/viewtopic ... 71&t=30531

Hope this could help.

[TheoW]

Thanks for the info JSMT

Okay, I killed those spammers and added what I hope is a fairly simple question, lets hope that helps some.

[Maximus]

ToloPayoloLak

Kraulefin

[Alice]

Theo,

Seconding the reports of the user directly above me. Also ...

One thing I had to do when trying to eradicate spammers was go through and purge spammers who had already gotten through. A lot of spam registrations are like sleeper agents -- they'll register en masse at a point when the process is not difficult, and then use those spam accounts. For example, the ones that are posting now still, I'd bet some fictional money that they're accounts that haven't registered in the last day or so.

You can use the purge users feature in the Administration Control Panel to look for users with suspicious patterns. I would routinely delete users that never complete their registrations after a week. Personally, I wouldn't necessarily delete users who never post -- lurkers have a right to lurk -- but I would delete people who completed the registration process but never logged in, again, giving them a little slack time (maybe users who completed the registration process within the last week or two, or even a month, wouldn't be zapped). You can set up your own standards for staying a user and publicize them.

Also, unfortunately, smarting up the registration process only works so much. A lot of the more sophisticated spambot networks will pay people in third-world circumstances pennies per site to answer these sort of questions.

It's been a while since I fought board spammers, but off the top of my head, the three recommendations with the present circumstances I'd have would be (i) to use "Purge Users" both now and as a routine maintenance step as often as you find palatable, (ii) to use "ban by IP" when you ban spammers, and (iii) to bookmark the "View new posts" feature (available to anyone) as a twice-daily bookmark so you can see them as they pop up.

Good luck,

Alice