Author Topic: Forum woes  (Read 13372 times)

Offline bubba

  • Administrator
  • forum hero
  • *****
  • Posts: 2736
Re: Forum woes
« Reply #50 on: February 09, 2011, 11:31:18 am »
Thanks all.

Overnight across the two sites, the new software has blocked 970 spam/login/registration attempts. Not bad at all :)
=:blubba:=

[ nsfw ]

Offline Rhys

  • Global Moderator
  • forum hero
  • *****
  • Posts: 1380
  • SWCC, RFDCC
Re: Forum woes
« Reply #51 on: February 09, 2011, 12:11:06 pm »
Nice work Bubba!

Offline mmilner

  • Experienced digging / conservation juggling
  • forum hero
  • *****
  • Posts: 1169
  • Outside Handshake Cave, Manifold Valley.
    • Darfar P.C. web site
Re: Forum woes
« Reply #52 on: February 09, 2011, 09:53:21 pm »
Yes, but it also says I'm a robot everytime I try and use the forum and makes me answer 2 simple maths questions which I find a bit annoying!
Norbert Casteret (Ten Years Under the Earth) and Pierre Chevalier (Subterranean Climbers) were my inspiration to start caving. (And I'm still doing it.) Secretary, Darfar Potholing Club, the Peak District.

Offline bubba

  • Administrator
  • forum hero
  • *****
  • Posts: 2736
Re: Forum woes
« Reply #53 on: February 09, 2011, 10:35:50 pm »
Well, there's a good reason for that.

If I check your IP address against Project Honeypot then we see the following (I've edited your full IP so as not to appear here):

Quote
Example Messages Sent From 82.132.xxx.xxx
From: USAA.Web.Services@customermails.usaa.com
Subject: instructions from customer service team
From: Артем ��ол��бо��
Subject: ДЕЛОВОЙ АНГЛИЙСК
From: Pfizer <noreply@pfizer.com>
Subject: claudette_schmelzer@goodtime.minibrothels.info Pfi
From: onelov4739@4hire.co.nz
Subject: Hi shirly.e.stomberg
From: Оля
Subject: Замки, ручки, фурнитура. Расп
From: "OpenMarketTV" <deifiesk8@royahakakian.com>
Subject: Создание имиджа и рекламы пре
From: "OpenMarketTV" <foregoings417@razzi.com>
Subject: Создание имиджа и рекламы пре
From: "OpenMarketTV" <diagnosticeo2@roycearbour.com>
Subject: Создание имиджа и рекламы пре
From: "OpenMarketTV" <pomegranates5@rkpt.com>
Subject: Создание имиджа и рекламы пре
From: "OpenMarketTV" <horrendousdfd74@royalfalcone.com>
Subject: Создание имиджа и рекламы пре
From: Pfizer <noreply@pfizer.com>
Subject: daniel_o_sinclair@pochta.premedic.amur.ru Pfizer -
From: "Pfizer Inc." <pameego8999@91gz.com>
Subject: Dear handsomekreisler -80% now
From: "Pfizer VIAGRA" <dalene.r.kayastha@beemagnet.nhs-f
Subject: Hey dalene.r.kayastha, official 80% discount
From: "Pfizer VIAGRA" <kimber_n_geer@mail2.premedic.org.
Subject: Hey kimber_n_geer, official 80% discount
From: Александр
Subject: Коммерческое предложен
From: nastypennimpede@mail3.premedic.bryansk.su
Subject: nastypennimpede VIAGRA � -65% discount

And

Quote
Example User Names Used By 82.132.xxx.xxx
User-name: aandjfafdj
User-name: ashtoncodling
User-name: beckiebertram
User-name: bpnncdijufjafdj
User-name: buhg
User-name: buhgalteria
User-name: bux
User-name: cbjndjfamfdj
User-name: cdqnxdjfanfdj
User-name: cjgndjufayfdj
User-name: cknddjwfalfdj
User-name: dbpndjfwasfdj
User-name: dir
User-name: ecnxdjfafpdj
User-name: epfnhdxjvfafndj
User-name: finance
User-name: gcnkdjfarfvdj
User-name: gpgnldejsfaifvdj
User-name: gprnldsjefaffxdj
User-name: hdjnedjfyajfydj
User-name: hr
User-name: iamjustsendingthisleter
User-name: info
User-name: jewelllengacher
User-name: konyddjyfagfdaj
User-name: nknjdjrffafgdwj
User-name: nndndmjxfrafcdgj
User-name: pbxndjfracfddkj
User-name: pcnhdjffayffdtj
User-name: ponndtjnfwaffjdxj

So, unless you're in the habit of spamming then I suggest you are unwittingly part of a botnet - I would suggest re-installing windows or at least running some A-Grade antivirus/anti-malware/anti-spyware/etc software because somebody is spamming from your IP.
=:blubba:=

[ nsfw ]

Offline robjones

  • forum star
  • ****
  • Posts: 631
Re: Forum woes
« Reply #54 on: February 10, 2011, 11:52:08 pm »
I too was asked to do a couple of sums when I logged onto this site earlier this evening. I've just waited a couple of hours whilst two programmes swept our computer - amongst the three threats found was a fake bot net thingy - all disposed of now - I wasn't asked to do sums when I relogged into this site. Thanks for the heads up in the previous couple of posts Bubba!

Reminder to self: warn our incautious offspring yet again about perils of t'internet...

Offline mmilner

  • Experienced digging / conservation juggling
  • forum hero
  • *****
  • Posts: 1169
  • Outside Handshake Cave, Manifold Valley.
    • Darfar P.C. web site
Re: Forum woes
« Reply #55 on: February 11, 2011, 08:29:19 pm »
OK thanx. I will check it out.

I don't normally use Windoze, usually Linux. (Never had a virus type problem in over 10 years!)

It's just that I've just moved house and I'm in crappy Vista on a crappy mobile dongle ATM that Linux has no drivers for as far as I can tell.

Proper broadband should be coming next week, so back to happyland then, lol!
Norbert Casteret (Ten Years Under the Earth) and Pierre Chevalier (Subterranean Climbers) were my inspiration to start caving. (And I'm still doing it.) Secretary, Darfar Potholing Club, the Peak District.

Offline graham

  • Retired
  • forum hero
  • *****
  • Posts: 10943
  • UBSS, Speleo-Club de Perigueux, GSG, SUI
    • UBSS
Re: Forum woes
« Reply #56 on: February 11, 2011, 08:41:15 pm »
OK thanx. I will check it out.

I don't normally use Windoze, usually Linux. (Never had a virus type problem in over 10 years!)

It's just that I've just moved house and I'm in crappy Vista on a crappy mobile dongle ATM that Linux has no drivers for as far as I can tell.

Proper broadband should be coming next week, so back to happyland then, lol!

What sort of dongle? Ubuntu has installed drivers for Vodaphone dongles for me before.
Caving is for Life not just for Christmas

Offline mmilner

  • Experienced digging / conservation juggling
  • forum hero
  • *****
  • Posts: 1169
  • Outside Handshake Cave, Manifold Valley.
    • Darfar P.C. web site
Re: Forum woes
« Reply #57 on: February 11, 2011, 09:52:48 pm »
An O2 HUAWEI 3G Dongle. It did detect it initially, just asked my for a pin, etc. But all the ones I entered (after searching on the web), were rejected with the message "make sure your SIM is inserted." Doh. Then I tried a 3 ZTE dongle and it asked me for login details which looked promising, (and which I now have), but now says it can't find a suitable device with either dongle, lol. I prob need to upgrade to the latest version of ma distro.

Anyway Bubba, as far as I can tell my IP address is nothing like that. It starts with 10.60.

And I can detect no unusual outgoing data over my web link either...
Norbert Casteret (Ten Years Under the Earth) and Pierre Chevalier (Subterranean Climbers) were my inspiration to start caving. (And I'm still doing it.) Secretary, Darfar Potholing Club, the Peak District.

Offline bubba

  • Administrator
  • forum hero
  • *****
  • Posts: 2736
Re: Forum woes
« Reply #58 on: February 11, 2011, 09:58:01 pm »
a crappy mobile dongle
This might be the cause of the problem. A user on ukb has similar issues from an O2 mobile number. I suspect that when your new broadband connection is on the issues will go away. I reckon it'll be linked to somebody having spammed from that IP in the past rather than your computer being infected.

Your IP has probably changed if O2 allocate them dynamically - that was the one you were being blocked on when I checked yesterday.
=:blubba:=

[ nsfw ]

Offline Maggot

  • obsessive maniac
  • ***
  • Posts: 380
  • Gone. Not being guilty by association.
Re: Forum woes
« Reply #59 on: February 13, 2011, 12:38:43 am »
I haven't been asked to do sums or ant sort of captcha, but I do keep getting logged out.

Offline bubba

  • Administrator
  • forum hero
  • *****
  • Posts: 2736
Re: Forum woes
« Reply #60 on: February 13, 2011, 06:23:59 pm »
So do I.

This problem is by no means solved yet, but we're getting on top of it more now.

There is actually a solution that kills it dead - force users to log in with their (hidden) email address instead of with their username - that way the bots can never log them out unless they guess their email address, which is pretty unlikely. I'm keen to implement this but it's a decision that needs the approval of Toby and Simon and I think Toby's away at the moment or something.

For the record, since the new anti-spam measures were implemented we've now blocked 3080 IP address here and 3650 on ukb.
=:blubba:=

[ nsfw ]

Offline rsch

  • stalker
  • ***
  • Posts: 268
Re: Forum woes
« Reply #61 on: February 14, 2011, 01:24:40 pm »
May be worth hearing that it's working fine from outside my normal network(s) - I'm a long way from home and using an unsecured hotel network where the ip address is bound to get blacklisted as soon as someone with a laptop riddled with viruses logs on - I'm told it's the only free, unsecured network in miles, so it has a certain appeal!

On my first attempt to access I got the questions, subsequently it's let me in immediately, so as far as I can tell from here, it's working as well as I could possibly expect  :thumbsup:

Offline mmilner

  • Experienced digging / conservation juggling
  • forum hero
  • *****
  • Posts: 1169
  • Outside Handshake Cave, Manifold Valley.
    • Darfar P.C. web site
Re: Forum woes
« Reply #62 on: February 15, 2011, 01:02:14 am »
Hey Bubba.

Just thought I'd let you know, I've not had a problem or a challenge today, as I've moved to a T-Mobile dongle. The O2 one was dropping out all day today. (Rubbish, though prob the signal strength in my area was the problem...)

Also thought I'd let you know that I've never, ever been logged out, if that might help at all... Keep up the good work, I'm sure we all appreciate it...

Regards, Mel.
Norbert Casteret (Ten Years Under the Earth) and Pierre Chevalier (Subterranean Climbers) were my inspiration to start caving. (And I'm still doing it.) Secretary, Darfar Potholing Club, the Peak District.

Offline graham

  • Retired
  • forum hero
  • *****
  • Posts: 10943
  • UBSS, Speleo-Club de Perigueux, GSG, SUI
    • UBSS
Re: Forum woes
« Reply #63 on: February 15, 2011, 08:56:26 am »
Interesting. It's logged me out twice this morning. Wholly bizarre the first time in that I appeared to be logged in and could move between threads but when I wanted to post, I was out.
Caving is for Life not just for Christmas

Offline Maggot

  • obsessive maniac
  • ***
  • Posts: 380
  • Gone. Not being guilty by association.
Re: Forum woes
« Reply #64 on: February 15, 2011, 07:06:40 pm »
Same here. Reading threads fine, I only appeared logged out when I clicked on the "mark all as read" button to clear threads I'm not following.

Offline paul

  • Global Moderator
  • forum hero
  • *****
  • Posts: 4013
  • Orpheus CC, NPC
    • Orpheus Caving Club
Re: Forum woes
« Reply #65 on: February 15, 2011, 10:37:33 pm »
Sounds like you (Graham and Maggot) were logged out during your session. You can of course browse and read messages while logged out but cannot post nre messages nor mark any as "Read". Probably a 'bot' was trying you logon name while you were yourselves logged on and failing.
I'm not a complete idiot: some parts are missing!

Offline Anon

  • Nobody
  • Newbie
  • *
  • Posts: 2
Re: Forum woes
« Reply #66 on: February 16, 2011, 07:30:06 pm »
There is actually a solution that kills it dead - force users to log in with their (hidden) email address instead of with their username - that way the bots can never log them out unless they guess their email address, which is pretty unlikely. I'm keen to implement this but it's a decision that needs the approval of Toby and Simon and I think Toby's away at the moment or something.

For the record, since the new anti-spam measures were implemented we've now blocked 3080 IP address here and 3650 on ukb.
I think the email login method is the way forward, the new measures put in place have made a difference but they are still getting through, albeit to a lesser extent.

Until a significant majority of worldwide computer (internet) users open their eyes to security, this or similar problems will always exist... Something so simple that causes so much trouble!