logo                   
Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

Login


Options
Go to last post Go to first unread
Offline heeler  
#1 Posted : Friday, November 08, 2013 7:33:17 AM(UTC)
heeler


Rank: Senior Member

Reputation:

Groups: Registered, Moderator
Joined: 4/14/2010(UTC)
Posts: 1,666

Was thanked: 15 time(s) in 15 post(s)
"Holy crap.....has anyone looked at the ""Active users"" list???? Have we been spamed or hijakced???

What the heck is all that, I clicked on one of em and it said today was the sign up date, is it some kinda code or is it hyroglithics? Admin better take notice of all that sh-tuff before we get infected!!Tongue

I clicked on a few more and they had the little green light which means you are on line or active I should say, all the ones I went to stated today or just a few days ago for signup, hmmmmmCursing"
Offline scotty  
#2 Posted : Friday, November 08, 2013 7:41:31 AM(UTC)
scotty


Rank: Senior Member

Reputation:

Groups: Registered, Moderator
Joined: 7/25/2009(UTC)
Posts: 2,209

I think I banned his computer a couple of years ago but I didn't/still dont know how to alter the member list
Offline heeler  
#3 Posted : Friday, November 08, 2013 7:48:35 AM(UTC)
heeler


Rank: Senior Member

Reputation:

Groups: Registered, Moderator
Joined: 4/14/2010(UTC)
Posts: 1,666

Was thanked: 15 time(s) in 15 post(s)
Ahhhh, so you think thats one person doing all that...disgruntled member you think huh? I'm not quite sure what the purpose of all the effort is but whatever I guess.
Offline admin  
#4 Posted : Friday, November 08, 2013 8:03:47 AM(UTC)
admin


Rank: Administration

Reputation:

Groups: Administrators
Joined: 2/10/2002(UTC)
Posts: 501

Was thanked: 8 time(s) in 8 post(s)
We caught this yesterday morning (hence the forum being offline for a while yesterday, and self-registration only being put back online today). The software vendor checked our files, etc., and all was fine. It was just a spam-bot trying to find a way to exploit the forum, but it did not work (but it did create headaches for us, as we want to clear out the 25K+ registrations).

It has been suggested to me that it is not uncommon for a nasty competitor to start the ball rolling. I would like to think that didn't happen, but I guess one never knows.

Rick
Offline RCRed  
#5 Posted : Saturday, November 09, 2013 2:16:02 AM(UTC)
RCRed


Rank: Senior Member

Reputation:

Groups: Registered
Joined: 11/15/2012(UTC)
Posts: 720

Was thanked: 11 time(s) in 11 post(s)
POssible competitor, but moreover just russian and chinese spambots. They (Vbulletin and others) have block lists that keep all those nasty arse bots clean off the server. I use something called .htaccess lists in my webservers directories.

Not to get totally technical, but it's like a bouncer at the door - If you are on that list (IP address range), you simply get ignored - the webserver simply ignores you. Can't even get to the registration, or anything else for that matter.

Vbulletin has a good banning system and allows banning by IP address ranges, but boys there are hundreds of ip lists in Asia and Russia that are used for nefarious reasons. I used to spend a lot of time keeping up the lists, and then I went the .htaccess route and it's pretty much ended the threat on my sites.

My Dad's website got 30K signups in a week because some yahoo at Wordpress told him to re-install and one of the defaults was "any one can register". He was operating a Christian website at the time, and they just tore that site apart to the point it started affecting the other sites I had on that dedicated server.

The rack server I lease (from a hosting company) uses Linux as an Operating System, and hence it has an apache webserver (the default for Nix systems). Apache webserver uses .htaccess as a method for allow/deny access.

Here is the site for those blocklists if any one is interested;

http://www.wizcrafts.net/chinese-blocklist.html

Another handy-dandy tool is: http://www.ip-address.org/lookup/ip-locator.php

With the site link above you can take the IP address from the whos's online or registrant entry and find where they are originating from - down to the nearest internet router - Generally its not possible to get to an exact address/place (RcRed's posting from Mobile home on Copperhead road), but this will get you to their neighborhood..
Offline admin  
#6 Posted : Saturday, November 09, 2013 3:52:50 AM(UTC)
admin


Rank: Administration

Reputation:

Groups: Administrators
Joined: 2/10/2002(UTC)
Posts: 501

Was thanked: 8 time(s) in 8 post(s)
We have many IP ranges banned, but will check out the lists, too. This has happened before, although not in nearly these numbers, but stops as soon as we change the question and answer to register.
Offline RCRed  
#7 Posted : Saturday, November 09, 2013 4:56:38 AM(UTC)
RCRed


Rank: Senior Member

Reputation:

Groups: Registered
Joined: 11/15/2012(UTC)
Posts: 720

Was thanked: 11 time(s) in 11 post(s)
Also, Vbulletin has an anti spam server interface and you can get a free Askimet key for and then set it in the options. That will tie you into the VBull global spam control and that gets a great deal of them too. I use this on the VB sites I run;

Jes tryin to help - It's a PITA when ya have to spend precious time cleaning crud outa the boiler... Wink
RCRed attached the following image(s):
vbull_Spam_cntl.JPG (91kb) downloaded 0 time(s).

You cannot view/download attachments. Try to login or register.
Users browsing this topic
Guest
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.