Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: Guestbook spammer bots

__/ [ Krustov ] on Friday 05 May 2006 13:07 \__

> <uk.net.web.authoring>
> <Roy Schestowitz>
> <Fri, 05 May 2006 07:37:59 +0100>
> <1583710.h76LTvce53@xxxxxxxxxxxxxxx>
>> Mine was spammed silly until a few months ago when I set up defences
> The casino type of spam isnt a problem - its the ones that say stuff
> like 'well done you have a great website' and put a porno url in the url
> entry box if there is one .

Yes, that's common. I still get those occasionally and I hate them the most
because you must hover over the URL and sometimes follow to judge before
deletion. No purging = asking for more.

> From the testing i've done so far the 'great website' type of spam still
> submits a entry even if there isnt a url box - and 95% of the time there
> isnt a url in the spam entry .

It's a brute force typa' thing. Same with rel="nofollow". Likelihood is
enough to make financial incentives prevail.

> I've identified a couple of 'great website' lines that are repeatedly
> used by the spammers - but how hard would it be for the spammers to
> change them .

Not hard if the spammer comes to realise that it's close, but no cigar. By
the way, in the search engine newsgroups there resides a guy who admittedly
spams guestbooks for pr0n.

> A image code will probably be the last thing i add to PHPGB before
> releasing it .

Whatever you do, make it hard for entry procedures to become scriptable or
for the process to be transparent. Intercept this early on, before releasing
code. There's a snag here: the harder a script becomes to write, the harder
it becomes for the genuine user to contribute. Corollary: spam deters real
contributions. If only the script kiddies had less spare time in their

Obscurity is often the only way to guarantee that automatic (as opposed to
manually-entered) spamming can be prevented. I continue to suffer from spam

    * E-mail
    * Forum subscriptions with site addresses
    * Forum messages
    * Guestbook entries (Advanced GB derivative)
    * WordPress comments
    * WordPress trackbacks
    * PHP-Nuke links
    * PHP-Nuke news submission
    * Wiki
    * Referrer spam
    * Zombie attacks

(list re-used...)

Best wishes,


Roy S. Schestowitz
http://Schestowitz.com  |     GNU/Linux     ¦     PGP-Key: 0x74572E8E
  1:10pm  up 7 days 20:07,  12 users,  load average: 0.22, 0.38, 0.43
      http://iuron.com - next generation of search paradigms

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index