The Pelican BOT Problem
 

I'm seeing a lot of malicious BOT activity here on Pelican lately. I believe this presents a security risk for users of the forums and should be addressed by administrators as soon as possible. The BOTS are linking back to off shore sites which never ends well. This would likely be resolved by adding a more advanced captcha/audio captcha for the new user enrollment as well as IP bans for current BOTS. I personally flag a couple BOT posts each day and noticed they seem to be more prevalent and repetitive... time for Pelican to act. What say ye?

The examples go to Russia - I tried to post the URL's here but the software changed them to hyperlinks which presents a threat of inadvertent clicking. The list has been removed but most return to ".ru" in some form or another.

For those who aren't familiar, here's a quick and dirty lesson on BOTs:

Internet bot - Wikipedia, the free encyclopedia

Are we talking about the gibberish usernames with 4 posts that quote a sentence from a previous post in the same thread?

Those are not bots and by themselves are not a security risk to forum users.

It's a black hat seo tactic known as spamdexing.

Even though I believe the admins are already doing it blocking ip's is fruitless.

Trackback spammers... I worry with the links appearing within posts and the admin software that it could take one of these old timers to an executable.

This -- the faster we ban and block IP's of a spammer, the faster they are replaced by 5-6 new ones. Doesn't mean I still ban as many of them as possible -- gives me great satisfaction to pull the trigger on my ban gun. :D

Best bet - report the infraction and ignore those posts. We eventually get around to them...

-Z

Z-man, do you guys do anything beyond IP blocking?

For example, the BOTS trying to sell counterfit goods like Coach bags - you can report them to the FTC.

How can I help make a difference?

or more tools/approaches here:

Technical information for systems administrators

I mention the topic only because this is the one board out of about a dozen that I frequent with the biggest problem and what I would consider a gaping target of not-so-tech savvy old timers with money to afford Porsches.

Every modern browser has built in protection for that kind of activity.

Everyone knows they should be running a security suite and to keep it updated.

I've got quite a few servers sitting out there and if you check the logs on any one of them at any time there is always a dictionary attack, email account access search, SSH probes, you name it, going on.

Way back in the day it freaked me out but it's a fact of life and 99.9% of the stuff gets no where as long as you follow standard best practices.

I've only ever had one server get compromised. One I turned over to a client when I stopped working for them. They did not manage it so it got out of date and got hacked.

This is a free community forum and while our host should, and mind you does, do everything he can to provide a secure environment we share responsibility in keeping ourselves from harm.

If it's happening here it can happen on every other VBulletin powered site so the real onus is on VBullettin to address the issue for their clients who pay for the SAS.

That's somewhat insulting. I don't think you meant it that way.

There is a fairly sizable group of highly technical people on Pelican. From people who are in the industry to people who just know a lot of poo.

In general whenever a less technical person encounters something they don't understand they ask.

And FWIW most people here don't have "money to afford Porsches".

A lot of people have their cars sitting idle while they save up for a fix.

Most folk here are as ordinary as the guy next door.

EDIT: I think you meant that the perception may be that Pelican is a gaping target of not-so-tech savvy old timers with money to afford Porsches.

I can see that.

Right... But as opposed to a Honda Civic forum, it's safe to say the net worth of the average user here is higher as is age of user. Nothing insulting about those facts I hope.

I've been called a lot worse. :D

And there you have it. Virus protection is not a fool proof thing, we must take all the responsibility to ensure our own safety.
The staff here does a very good job at keeping our stuff clean

;)I'm just an old man with no money....Spent less than $20K on my 73.5 Targa, one owner 69T Coupe and 1960 190SL. As far as tech savvy, I can set the points and adjust the valves....;)

(Sent from my Commodore 64)

Ok, we know Ziggy is several personalities on here.
He bet 500 dollars that me / us on the point, That I would NOT take him up on his ID, and his AKA shills .
I took him up on it !
He ran like Heil.
Guilty as charged .
If he is not randy I will be more then surprised !
Yet, who is randy?
I am using the "Q program" to track him and several others dwn.

WTF are you talking about?

The tinfoil hat didn't just slip.... its fallen all the way off.

FWIW... I haven't seen this much bot activity on other VB powered boards....

Pelican is a big active board.

It's probably one of the few boards of it's size that remains un commercialized.

There is no paid staff, other than Wayne, that I am aware of to monitor and maintain 24/7.

It's also a few versions behind the current which is by design.

I stopped using them at V4.