Discussion
No, not on here, but we all hate them, wherever they are...
Seeing a lot in the last couple of weeks, leaving links to virtual servers on 208.116.31.140.
Nmap says:
There's a Plesk login on 8443.
Seeing a lot in the last couple of weeks, leaving links to virtual servers on 208.116.31.140.
Nmap says:
nmap -A -P0 208.116.31.140
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2007-12-09 20:21 GMT
Warning: Giving up on port early because retransmission cap hit.
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
Interesting ports on 208.116.31.140:
Not shown: 1604 closed ports, 71 filtered ports
PORT STATE SERVICE VERSION
80/tcp open http Apache httpd 1.3.33 ((Win32) PHP/4.4.4)
139/tcp open netbios-ssn
1025/tcp open msrpc Microsoft Windows RPC
3389/tcp open microsoft-rdp Microsoft Terminal Service
8443/tcp open ssl/http Microsoft IIS webserver 6.0
No exact OS matches for host (If you know what OS is running on it, see http://www.insecure.org/cgi-bin/nmap-submit.cgi).
TCP/IP fingerprint:
SInfo(V=4.11%P=i686-pc-linux-gnu%D=12/9%Tm=475C545B%O=80%C=1)
TSeq(Class=TR%IPID=I%TS=0)
There's a Plesk login on 8443.
Pigeon said:
Difficult to ban spambots by IP though...
Think I'm better off trying to persuade Those With The Power to implement a CAPTCHA in the registration, and in the meantime, moaning on here is cathartic
CAPTCHA is certainly worth implementing (although make sure the implementation in itself is secure, simply bolting it on will only result in smarter spambots getting through!)Think I'm better off trying to persuade Those With The Power to implement a CAPTCHA in the registration, and in the meantime, moaning on here is cathartic
China, Russia and AOL. Nothing good ever comes from those places and they can die.
Speaking in terms of IP blocks.
CAPTCHA will stop most of the dense ones getting in, however there are bots out there which defeat it either automatically or with human assistence; you've also got spyware which throws up images to get the woman to undress... guess where it gets those from?
Another good one to add along side it is a little radio button with "Are you Human?" seems to help and for those running common forum software.... only idiots of the first order run it in the default location (i.e. phpbb/) with the default theme (i.e. subsilver or hand modified subsilver) as that gives the bots a nice big bullseye to home in on via google.
Speaking in terms of IP blocks.
CAPTCHA will stop most of the dense ones getting in, however there are bots out there which defeat it either automatically or with human assistence; you've also got spyware which throws up images to get the woman to undress... guess where it gets those from?
Another good one to add along side it is a little radio button with "Are you Human?" seems to help and for those running common forum software.... only idiots of the first order run it in the default location (i.e. phpbb/) with the default theme (i.e. subsilver or hand modified subsilver) as that gives the bots a nice big bullseye to home in on via google.
TheLearner said:
China, Russia and AOL. Nothing good ever comes from those places and they can die.
Speaking in terms of IP blocks.
Yeah In this case the spam is promoting German websites hosted on a server in the US. What IP ranges the spam itself is coming from, is another matter of course.Speaking in terms of IP blocks.
TheLearner said:
CAPTCHA will stop most of the dense ones getting in, however there are bots out there which defeat it either automatically or with human assistence; you've also got spyware which throws up images to get the woman to undress... guess where it gets those from?
Of course if you introduce human assistance there's not a lot you can do to stop it apart from wholesale blocking of large IP ranges. But I'd reckon that CAPTCHA is the biggest single improvement that one can make.Current situation is that the forum receives about 50 new registrations per week of which recently about 20 are spam, and most of these promote the same site; it looks to me like a new bot has gone active.
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff