Page 1 of 1[ 31 posts ]
Security?
I just blue myself
Gender: Male
Location: Kangaroo City
Rank: Medium-in-training
Joined: Mon May 11, 2009 1:42 pm
Posts: 478
Anything to add, court-record members?
I'm So Meta, Even This Acronym
But in all honesty, META humour sucks.
But in all honesty, META humour sucks.
Re: Security?
Deputy of Self-Esteem
Gender: Male
Location: Connecticut
Rank: Admin
Joined: Thu Feb 22, 2007 8:36 pm
Posts: 3449
We have an external blacklist based upon 8 or so anti-spam sites, but that can't catch 'new' sources of spam.
Our newest weapon is the ban hammer, which insta-poofs spammers when they get past the above.
Believe me, I'm as sick of this as you.
Bump - bump - bump - bump - bump - bump - bump
Re: Security?
Komikero
Gender: Male
Location: Las Islas Filipinas
Rank: Medium-in-training
Joined: Fri Oct 23, 2009 11:56 am
Posts: 493
Wooster wrote:
Our newest weapon is the ban hammer, which insta-poofs spammers when they get past the above.
Sounds interesting. So is this a web application or HTML / PHP / Java code that immediately deletes accounts once it recognizes spamming? I've been seeing these annoying spambots posting about fetus's umbilical cords (seriously, WTF) and I've been wondering if the captcha system most websites use nowadays are dated, or even obsolete. Provided how relatively easy it is to hack such programs nowadays...
I'm a professional comic artist and illustrator. Click on the above logo to visit my official website.
Re: Security?
Deputy of Self-Esteem
Gender: Male
Location: Connecticut
Rank: Admin
Joined: Thu Feb 22, 2007 8:36 pm
Posts: 3449
As best that I can tell, capatcha's problem isn't so much that it is dated, since I've observed that with it off the spam problem is even worse. The problem is that there are so few capatchas. They're over used on the internet so the more resourceful hackers only have a hand full of security measures to crack.
Bump - bump - bump - bump - bump - bump - bump
Re: Security?
Gender: None specified
Rank: Decisive Witness
Joined: Sat Dec 17, 2011 9:34 am
Posts: 286
Re: Security?
Deputy of Self-Esteem
Gender: Male
Location: Connecticut
Rank: Admin
Joined: Thu Feb 22, 2007 8:36 pm
Posts: 3449
Bump - bump - bump - bump - bump - bump - bump
Re: Security?
Komikero
Gender: Male
Location: Las Islas Filipinas
Rank: Medium-in-training
Joined: Fri Oct 23, 2009 11:56 am
Posts: 493
I'm a professional comic artist and illustrator. Click on the above logo to visit my official website.
Re: Security?
Prime Suspect
Gender: Male
Location: Russia, Moscow
Rank: Suspect
Joined: Tue Mar 20, 2012 3:50 pm
Posts: 19
Quote:
So is this a web application or HTML / PHP / Java code that immediately deletes accounts once it recognizes spamming? I've been seeing these annoying spambots posting about fetus's umbilical cords (seriously, WTF)
Are sure that work correctly and no one get's hurt? If you do,then go ahead, i'd like to see this program in action. But if i put some "spam" or "enemy" links in my signature or put some link in my post to proof my opinion, i hope i will not be baned for spaming)))
In my country we creating a link zone and a "mercher" account for this. And everyone happy)))
I see everything!
Re: Security?
Komikero
Gender: Male
Location: Las Islas Filipinas
Rank: Medium-in-training
Joined: Fri Oct 23, 2009 11:56 am
Posts: 493
Mr Hide wrote:
Quote:
So is this a web application or HTML / PHP / Java code that immediately deletes accounts once it recognizes spamming? I've been seeing these annoying spambots posting about fetus's umbilical cords (seriously, WTF)
Are sure that work correctly and no one get's hurt? If you do,then go ahead, i'd like to see this program in action. But if i put some "spam" or "enemy" links in my signature or put some link in my post to proof my opinion, i hope i will not be baned for spaming)))
In my country we creating a link zone and a "mercher" account for this. And everyone happy)))
No offense but I have no idea what the hell you're trying to say.
I'm a professional comic artist and illustrator. Click on the above logo to visit my official website.
Re: Security?
Prime Suspect
Gender: Male
Location: Russia, Moscow
Rank: Suspect
Joined: Tue Mar 20, 2012 3:50 pm
Posts: 19
LightningfistCal wrote:
Mr Hide wrote:
Quote:
So is this a web application or HTML / PHP / Java code that immediately deletes accounts once it recognizes spamming? I've been seeing these annoying spambots posting about fetus's umbilical cords (seriously, WTF)
Are sure that work correctly and no one get's hurt? If you do,then go ahead, i'd like to see this program in action. But if i put some "spam" or "enemy" links in my signature or put some link in my post to proof my opinion, i hope i will not be baned for spaming)))
In my country we creating a link zone and a "mercher" account for this. And everyone happy)))
No offense but I have no idea what the hell you're trying to say.
No offense) If i bad in english then forgive me.
Just worring about our safety and safety of innocent users. This program might be dangerous and need be tested first)
"Link zone" i already found and in Russia we create a "limited account" which can use anyone who want, but can create post only in "Link zone".We call that a "friendly connections" or "Mutual advertizing" More friends-more links-more users see you and know you))).
I see everything!
Last edited by Mr Hide on Wed Mar 21, 2012 11:18 am, edited 2 times in total.
Re: Security?
Komikero
Gender: Male
Location: Las Islas Filipinas
Rank: Medium-in-training
Joined: Fri Oct 23, 2009 11:56 am
Posts: 493
Mr Hide wrote:
Just worring about our safety and safety of innocent users. This program might be dangerous and shoot be tested first)
"Link zone" i already found and in Russia we create a "limited account" which can use anyone who want, but can create post only in "Link zone".We call that a "friendly connections" or "Mutual advertizing" More friends-more links-more users see you and know you))).
"Link zone" i already found and in Russia we create a "limited account" which can use anyone who want, but can create post only in "Link zone".We call that a "friendly connections" or "Mutual advertizing" More friends-more links-more users see you and know you))).
From what Wooster said, it seemd the Ban Hammer is an admin-controlled feature, not an automatic program. It specifically targets spambots, so regular users won't be affected. And I highly doubt that it might be a virus or malware, anyways.
I'm a professional comic artist and illustrator. Click on the above logo to visit my official website.
Re: Security?
Deputy of Self-Esteem
Gender: Male
Location: Connecticut
Rank: Admin
Joined: Thu Feb 22, 2007 8:36 pm
Posts: 3449
However, I've instructed the staff only to do that when there is no reasonable doubt that the person is a bot. More traditional forms of banning are used for the more questionable and trolls.
For example, if I see something that may or may not be a spam bot, and the last time it visited was in 09, I'll just delete the account without an IP ban. If it's a person they're just unlucky and may have forgotten that they have an account here anyways. If it's a bot, it won't prevent them from signing up again, but that's one less annoying account to look at.
I probably do 70% of the bannings myself, with Gerk and General Luigi vying for second. There's not much room for error. Too bad so many bots get past.
Bump - bump - bump - bump - bump - bump - bump
Re: Security?
The Real Human Being
Gender: Male
Rank: Ace Attorney
Joined: Wed Oct 22, 2008 5:53 pm
Posts: 3479
Wooster wrote:
The ban hammer is a one click ban, a rather thorough one click ban. Deletes the account, deletes all posts, and bans the IP. It's an effective last line of defense that our Mods can now use.
As best that I can tell, capatcha's problem isn't so much that it is dated, since I've observed that with it off the spam problem is even worse. The problem is that there are so few capatchas. They're over used on the internet so the more resourceful hackers only have a hand full of security measures to crack.
As best that I can tell, capatcha's problem isn't so much that it is dated, since I've observed that with it off the spam problem is even worse. The problem is that there are so few capatchas. They're over used on the internet so the more resourceful hackers only have a hand full of security measures to crack.
This rustled my Jimmies more than I care to admit.
Re: Security?
Deputy of Self-Esteem
Gender: Male
Location: Connecticut
Rank: Admin
Joined: Thu Feb 22, 2007 8:36 pm
Posts: 3449
I think we'll have a hard time mistaking you for a bot.
Bump - bump - bump - bump - bump - bump - bump
Re: Security?
Komikero
Gender: Male
Location: Las Islas Filipinas
Rank: Medium-in-training
Joined: Fri Oct 23, 2009 11:56 am
Posts: 493
DoMaya wrote:
Wooster wrote:
The ban hammer is a one click ban, a rather thorough one click ban. Deletes the account, deletes all posts, and bans the IP. It's an effective last line of defense that our Mods can now use.
As best that I can tell, capatcha's problem isn't so much that it is dated, since I've observed that with it off the spam problem is even worse. The problem is that there are so few capatchas. They're over used on the internet so the more resourceful hackers only have a hand full of security measures to crack.
As best that I can tell, capatcha's problem isn't so much that it is dated, since I've observed that with it off the spam problem is even worse. The problem is that there are so few capatchas. They're over used on the internet so the more resourceful hackers only have a hand full of security measures to crack.
This rustled my Jimmies more than I care to admit.
Sorry, couldn't resist.
Anyway, I really doubt the Ban Hammer is going to have any serious adverse effects on the members here, because, like Wooster already said, it's pretty damn obvious which ones are the spambots and which ones are the real members.
I'm a professional comic artist and illustrator. Click on the above logo to visit my official website.
Re: Security?
Deputy of Self-Esteem
Gender: Male
Location: Connecticut
Rank: Admin
Joined: Thu Feb 22, 2007 8:36 pm
Posts: 3449
- Newest User: No one really cares about this right? And it basically becomes a game of reverse hot potato for the bots. Removed from the index.
- Birthdays: Whoops. You now need a non-zero post count to be listed. And if you post, you'll be ban hammered.
- Sigs: Bots often post spam in their sigs. You now need at least 5 posts before your sig will show. This will also apply to several profile fields. May add more to this list as time goes on.
This won't stop the bots. But I figure, it'll at least make it less rewarding for them.
Bump - bump - bump - bump - bump - bump - bump
Re: Security?
The man who decides the verdict
Gender: Male
Location: Canada
Rank: Decisive Witness
Joined: Fri Mar 09, 2012 6:23 pm
Posts: 215
Re: Security?
Komikero
Gender: Male
Location: Las Islas Filipinas
Rank: Medium-in-training
Joined: Fri Oct 23, 2009 11:56 am
Posts: 493
I'm a professional comic artist and illustrator. Click on the above logo to visit my official website.
Re: Security?
Gettin' Old!
Gender: Male
Location: Scotland
Rank: Ace Attorney
Joined: Fri Jul 11, 2008 4:30 pm
Posts: 14363
LightningfistCal wrote:
Awesome job as always, Wooster. The "newest member" thing at the bottom of the index page was always, ALWAYS full of suspicious-looking usernames that I figured they were all spambots anyways. Nice to know C-R is taking security seriously, unlike that other forum... *cough*UbisoftACForums*cough*
You heard it folks CR > Official Ubisoft forums.
Made by Chesu+Zombee
You thought you could be safe in your courts, with your laws and attorneys to protect you. In this world only I am law, my word is fact, my power is absolute.
Re: Security?
Deputy of Self-Esteem
Gender: Male
Location: Connecticut
Rank: Admin
Joined: Thu Feb 22, 2007 8:36 pm
Posts: 3449
Today? The day's not done yet, but we've had 2 'people' (One Human, One Spambot) join CR, and 1 other spambot that posted.
It may not be statistically significant and rather early to call, but I think we've won the game of hot potato. Now if we could just upgrade the ban hammer to send electrical shocks to the receiving end...
Bump - bump - bump - bump - bump - bump - bump
Re: Security?
I just blue myself
Gender: Male
Location: Kangaroo City
Rank: Medium-in-training
Joined: Mon May 11, 2009 1:42 pm
Posts: 478
I'm So Meta, Even This Acronym
But in all honesty, META humour sucks.
But in all honesty, META humour sucks.
Re: Security?
Komikero
Gender: Male
Location: Las Islas Filipinas
Rank: Medium-in-training
Joined: Fri Oct 23, 2009 11:56 am
Posts: 493
Pierre wrote:
You heard it folks CR > Official Ubisoft forums.
Trying to mock me, eh?
FYI my statement is justified. The Ubi forums has a bad moderator system: misbehaving users take a shitload of time before they get banned, certain members who aren't even moderators or admins get special privileges just because they've been around for a long time, "new members" (spambots) can advertise all they want and the only penalty they get is their thread getting closed-- the account doesn't even get banned, and the forums have a broken censorship system that blocks out petty words like "butt" (you can't even spell "button" or "butterfly" there), "fart", and "beaver" (yes, no idea why either). And the members themselves are full of philosophical bullshit and constantly go off-topic.
Whereas C-R, even though it isn't really that active nowadays, has good control over how the forum is run; we've got admins like Wooster always doing their best to ensure the forum and the main site are running properly. We've got problems with spambots as well, but at least people are actually trying to find a way to solve this instead of just turning a blind eye. :/
I'm a professional comic artist and illustrator. Click on the above logo to visit my official website.
Re: Security?
Chaos wolf
Gender: Male
Location: London, England
Rank: Moderators
Joined: Tue Feb 27, 2007 9:09 pm
Posts: 631
Lie with passion and be forever damned...
360 gamertag: Mayhem64
360 gamertag: Mayhem64
Re: Security?
I just blue myself
Gender: Male
Location: Kangaroo City
Rank: Medium-in-training
Joined: Mon May 11, 2009 1:42 pm
Posts: 478
LightningfistCal wrote:
Pierre wrote:
You heard it folks CR > Official Ubisoft forums.
Trying to mock me, eh?
I don't think Pierre's trying to mock you. I think he's actually agreeing with you.
I'm So Meta, Even This Acronym
But in all honesty, META humour sucks.
But in all honesty, META humour sucks.
Re: Security?
Gettin' Old!
Gender: Male
Location: Scotland
Rank: Ace Attorney
Joined: Fri Jul 11, 2008 4:30 pm
Posts: 14363
ReturnofthePhoenix wrote:
LightningfistCal wrote:
Pierre wrote:
You heard it folks CR > Official Ubisoft forums.
Trying to mock me, eh?
I don't think Pierre's trying to mock you. I think he's actually agreeing with you.
Correct though more philosophical talk in an off-topic section here would be an entertaining and welcome addition I can see why philosophy would be a bigger deal to an Assassin's creed Fanbase than and AA fanbase.
Though that word-censor is pretty horrific.
Made by Chesu+Zombee
You thought you could be safe in your courts, with your laws and attorneys to protect you. In this world only I am law, my word is fact, my power is absolute.
Re: Security?
Ace Nobody
Gender: Male
Location: IN AMERICA! *shot*
Rank: Decisive Witness
Joined: Sat Jul 09, 2011 8:30 pm
Posts: 181
Re: Security?
Deputy of Self-Esteem
Gender: Male
Location: Connecticut
Rank: Admin
Joined: Thu Feb 22, 2007 8:36 pm
Posts: 3449
Mind, any suggestions made I'd like to do minimal harm to genuine new users, while obnoxious to the bots.
Bump - bump - bump - bump - bump - bump - bump
Re: Security?
Gender: None specified
Rank: Decisive Witness
Joined: Sat Dec 17, 2011 9:34 am
Posts: 286
If adding a simple question in the registration form doesn't stop the bots, maybe having a question randomly chosen out of several would work better?
I don't know if it's feasible, but you could add some rules such as, new users are not allowed to post links in their very first post, or post pictures, or write "viagra", etc., else they're automatically banned. It shouldn't bother real users too much if it only affects the first post. But as I said, I don't know if it's feasible.
Also I wonder if some captcha's are more effective than others? I assume the people doing them are trying to keep up with the bots.
Re: Security?
Deputy of Self-Esteem
Gender: Male
Location: Connecticut
Rank: Admin
Joined: Thu Feb 22, 2007 8:36 pm
Posts: 3449
Jozerick wrote:
On some message boards, the admins have to manually activate accounts before the users can post. So the most obvious spambots don't get a chance to post. The downside is that it gives more work to admins, and legitimate users have to wait a certain time after registering before they can post.
If adding a simple question in the registration form doesn't stop the bots, maybe having a question randomly chosen out of several would work better?
I don't know if it's feasible, but you could add some rules such as, new users are not allowed to post links in their very first post, or post pictures, or write "viagra", etc., else they're automatically banned. It shouldn't bother real users too much if it only affects the first post. But as I said, I don't know if it's feasible.
Also I wonder if some captcha's are more effective than others? I assume the people doing them are trying to keep up with the bots.
If adding a simple question in the registration form doesn't stop the bots, maybe having a question randomly chosen out of several would work better?
I don't know if it's feasible, but you could add some rules such as, new users are not allowed to post links in their very first post, or post pictures, or write "viagra", etc., else they're automatically banned. It shouldn't bother real users too much if it only affects the first post. But as I said, I don't know if it's feasible.
Also I wonder if some captcha's are more effective than others? I assume the people doing them are trying to keep up with the bots.
Not interested in doing manual authorization. Unfair to the new users. Especially if staff goes absent.
I'm not convinced that random questions would work. I tried changing the question rapidly one time, manually mind you. Didn't stop the bots. Also didn't stop the bots when I changed the capatcha every hour.
Keyword banning... How many spam emails have you gotten including the word Viagra vs \/lAGR4?
But... not posting links... that may give me a few ideas...
Bump - bump - bump - bump - bump - bump - bump
Re: Security?
Gettin' Old!
Gender: Male
Location: Scotland
Rank: Ace Attorney
Joined: Fri Jul 11, 2008 4:30 pm
Posts: 14363
Though some people come here exclusively to launch their fangame/art in a peer group...maybe if you could limit new posters to ONE link per post for a while making them unable to post with more than one link. This way bots won't be able to link spam but new posters could still mention stuff and then the limit could be lifted on them once they are identifiably non-bots.
Made by Chesu+Zombee
You thought you could be safe in your courts, with your laws and attorneys to protect you. In this world only I am law, my word is fact, my power is absolute.
Re: Security?
Gender: None specified
Rank: Decisive Witness
Joined: Sat Dec 17, 2011 9:34 am
Posts: 286
Wooster wrote:
Keyword banning... How many spam emails have you gotten including the word Viagra vs \/lAGR4?
Well, just earlier today I saw a spambot post here with "viagra" clearly written. Even if keyword banning wouldn't stop all the spambots, I assume it would at least stop some of them.
Page 1 of 1
[ 31 posts ]
Who is online
Users browsing this forum: No registered users and 3 guests
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum
News
Site map
SitemapIndex
RSS Feed