|
|
|
|
| Author |
|
|
Straight shooter
|
The Pelican BOT Problem
I'm seeing a lot of malicious BOT activity here on Pelican lately. I believe this presents a security risk for users of the forums and should be addressed by administrators as soon as possible. The BOTS are linking back to off shore sites which never ends well. This would likely be resolved by adding a more advanced captcha/audio captcha for the new user enrollment as well as IP bans for current BOTS. I personally flag a couple BOT posts each day and noticed they seem to be more prevalent and repetitive... time for Pelican to act. What say ye?
The examples go to Russia - I tried to post the URL's here but the software changed them to hyperlinks which presents a threat of inadvertent clicking. The list has been removed but most return to ".ru" in some form or another.
__________________
“Of the value traps, the most widespread and pernicious is value rigidity. This is an inability to revalue what one sees because of commitment to previous values. In motorcycle maintenance, you MUST rediscover what you do as you go. Rigid values makes this impossible.” ― Robert M. Pirsig, Zen and the Art of Motorcycle Maintenance: An Inquiry Into Values Last edited by Lapkritis; 01-28-2015 at 11:59 AM.. |
||
01-28-2015, 11:55 AM
|
|
|
Straight shooter
|
For those who aren't familiar, here's a quick and dirty lesson on BOTs:
Internet bot - Wikipedia, the free encyclopedia
__________________
“Of the value traps, the most widespread and pernicious is value rigidity. This is an inability to revalue what one sees because of commitment to previous values. In motorcycle maintenance, you MUST rediscover what you do as you go. Rigid values makes this impossible.” ― Robert M. Pirsig, Zen and the Art of Motorcycle Maintenance: An Inquiry Into Values |
||
|
01-28-2015, 12:03 PM
|
|
|
The Unsettler
Join Date: Dec 2002
Location: Lantanna TX
Posts: 23,885
|
Are we talking about the gibberish usernames with 4 posts that quote a sentence from a previous post in the same thread?
Those are not bots and by themselves are not a security risk to forum users. It's a black hat seo tactic known as spamdexing. Even though I believe the admins are already doing it blocking ip's is fruitless. |
||
|
01-28-2015, 12:14 PM
|
|
|
Straight shooter
|
Trackback spammers... I worry with the links appearing within posts and the admin software that it could take one of these old timers to an executable.
__________________
“Of the value traps, the most widespread and pernicious is value rigidity. This is an inability to revalue what one sees because of commitment to previous values. In motorcycle maintenance, you MUST rediscover what you do as you go. Rigid values makes this impossible.” ― Robert M. Pirsig, Zen and the Art of Motorcycle Maintenance: An Inquiry Into Values |
||
|
01-28-2015, 12:43 PM
|
|
|
Moderator
|
Quote:
 Best bet - report the infraction and ignore those posts. We eventually get around to them... -Z
__________________
2010 Cayman S - 12-2020 - 2014 MINI Cooper S Coupe - 05-17 - 05-21 1989 944S2 - 06-01 - 01-14 Carpe Viam. <>< |
||
|
01-28-2015, 12:49 PM
|
|
|
Straight shooter
|
Z-man, do you guys do anything beyond IP blocking?
For example, the BOTS trying to sell counterfit goods like Coach bags - you can report them to the FTC. How can I help make a difference? or more tools/approaches here: Technical information for systems administrators I mention the topic only because this is the one board out of about a dozen that I frequent with the biggest problem and what I would consider a gaping target of not-so-tech savvy old timers with money to afford Porsches.
__________________
“Of the value traps, the most widespread and pernicious is value rigidity. This is an inability to revalue what one sees because of commitment to previous values. In motorcycle maintenance, you MUST rediscover what you do as you go. Rigid values makes this impossible.” ― Robert M. Pirsig, Zen and the Art of Motorcycle Maintenance: An Inquiry Into Values |
||
|
01-28-2015, 01:01 PM
|
|
|
|
The Unsettler
Join Date: Dec 2002
Location: Lantanna TX
Posts: 23,885
|
Every modern browser has built in protection for that kind of activity.
Everyone knows they should be running a security suite and to keep it updated. I've got quite a few servers sitting out there and if you check the logs on any one of them at any time there is always a dictionary attack, email account access search, SSH probes, you name it, going on. Way back in the day it freaked me out but it's a fact of life and 99.9% of the stuff gets no where as long as you follow standard best practices. I've only ever had one server get compromised. One I turned over to a client when I stopped working for them. They did not manage it so it got out of date and got hacked. This is a free community forum and while our host should, and mind you does, do everything he can to provide a secure environment we share responsibility in keeping ourselves from harm. If it's happening here it can happen on every other VBulletin powered site so the real onus is on VBullettin to address the issue for their clients who pay for the SAS.
__________________
"I want my two dollars" "Goodbye and thanks for the fish" "Proud Member and Supporter of the YWL" "Brandon Won" |
||
|
01-28-2015, 01:04 PM
|
|
|
The Unsettler
Join Date: Dec 2002
Location: Lantanna TX
Posts: 23,885
|
Quote:
There is a fairly sizable group of highly technical people on Pelican. From people who are in the industry to people who just know a lot of poo. In general whenever a less technical person encounters something they don't understand they ask. And FWIW most people here don't have "money to afford Porsches". A lot of people have their cars sitting idle while they save up for a fix. Most folk here are as ordinary as the guy next door. EDIT: I think you meant that the perception may be that Pelican is a gaping target of not-so-tech savvy old timers with money to afford Porsches. I can see that.
__________________
"I want my two dollars" "Goodbye and thanks for the fish" "Proud Member and Supporter of the YWL" "Brandon Won" Last edited by stomachmonkey; 01-28-2015 at 01:21 PM.. |
||
|
01-28-2015, 01:15 PM
|
|
|
Straight shooter
|
Right... But as opposed to a Honda Civic forum, it's safe to say the net worth of the average user here is higher as is age of user. Nothing insulting about those facts I hope.
__________________
“Of the value traps, the most widespread and pernicious is value rigidity. This is an inability to revalue what one sees because of commitment to previous values. In motorcycle maintenance, you MUST rediscover what you do as you go. Rigid values makes this impossible.” ― Robert M. Pirsig, Zen and the Art of Motorcycle Maintenance: An Inquiry Into Values |
||
|
01-28-2015, 01:22 PM
|
|
|
Registered Cruiser
Join Date: May 2004
Location: Pursuing Happiness
Posts: 3,892
|
I've been called a lot worse.
__________________
87' Carmine Red Carrera - Keeper 82' Silver SC - Sold 79' Gran Prix White SC - Sold 05' Black C2S - Daily driver I have never really completely understood anything. |
||
|
01-28-2015, 01:38 PM
|
|
|
I'm with Bill
Join Date: Jun 2005
Location: Scottsville Va
Posts: 24,186
|
Quote:
The staff here does a very good job at keeping our stuff clean
__________________
Electrical problems on a pick-up will do that to a guy- 1990C4S |
||
|
01-28-2015, 01:48 PM
|
|
|
Registered
Join Date: May 2004
Location: Lake Cle Elum - Eastern WA.
Posts: 8,417
|
Quote:
 I'm just an old man with no money....Spent less than $20K on my 73.5 Targa, one owner 69T Coupe and 1960 190SL. As far as tech savvy, I can set the points and adjust the valves....(Sent from my Commodore 64)
__________________
Bob S. 73.5 911T 1969 911T Coo' pay (one owner) 1960 Mercedes 190SL 1962 XKE Roadster (sold) - 13 motorcycles |
||
|
01-28-2015, 02:09 PM
|
|
|
Air Medal or two
Join Date: Jul 2003
Location: cross roads
Posts: 14,082
|
Ok, we know Ziggy is several personalities on here.
He bet 500 dollars that me / us on the point, That I would NOT take him up on his ID, and his AKA shills . I took him up on it ! He ran like Heil. Guilty as charged . If he is not randy I will be more then surprised ! Yet, who is randy? I am using the "Q program" to track him and several others dwn.
__________________
D troop 3/5 Air Cav,( Bastard CAV) and 162 Assult Helicopter Co- (Vultures) South of Saigon, U Minh Forest, Delta, and all parts in between |
||
|
01-28-2015, 02:31 PM
|
|
|
Back in the saddle again
Join Date: Oct 2001
Location: Central TX west of Houston
Posts: 55,841
|
Quote:
__________________
Steve '08 Boxster RS60 Spyder #0099/1960 - never named a car before, but this is Charlotte. '88 targa  SOLD 2004 - gone but not forgotten
|
||
|
01-28-2015, 02:55 PM
|
|
|
Navin Johnson
Join Date: Mar 2002
Location: Wantagh, NY
Posts: 8,765
|
Quote:
FWIW... I haven't seen this much bot activity on other VB powered boards....
__________________
Don't feed the trolls. Don't quote the trolls  http://www.southshoreperformanceny.com '69 911 GT-5 '75 914 GT-3 and others |
||
|
01-28-2015, 03:15 PM
|
|
|
The Unsettler
Join Date: Dec 2002
Location: Lantanna TX
Posts: 23,885
|
Quote:
It's probably one of the few boards of it's size that remains un commercialized. There is no paid staff, other than Wayne, that I am aware of to monitor and maintain 24/7. It's also a few versions behind the current which is by design. I stopped using them at V4.
__________________
"I want my two dollars" "Goodbye and thanks for the fish" "Proud Member and Supporter of the YWL" "Brandon Won" Last edited by stomachmonkey; 01-28-2015 at 03:25 PM.. |
||
|
01-28-2015, 03:23 PM
|
|
P911
1989 Porsche 944S2 3.0l 16v 4cyl
BB
