[CentOS-devel] URGENT: Website and fora at risk due to automated spammer account creation (Phil Schaffner)
Hristo Benev
foxb at abv.bg
Wed Sep 14 17:17:04 UTC 2011
>-------- Оригинално писмо --------
>От: centos-devel-request at centos.org
>Относно: CentOS-devel Digest, Vol 79, Issue 7
>До: centos-devel at centos.org
>Изпратено на: Сряда, 2011, Септември 14 19:00:04 EEST
>Send CentOS-devel mailing list submissions to
> centos-devel at centos.org
>
>To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.centos.org/mailman/listinfo/centos-devel
>or, via email, send a message with subject or body 'help' to
> centos-devel-request at centos.org
>
>You can reach the person managing the list at
> centos-devel-owner at centos.org
>
>When replying, please edit your Subject line so it is more specific
>than "Re: Contents of CentOS-devel digest..."
>
>
>Today's Topics:
>
> 1. URGENT: Website and fora at risk due to automated spammer
> account creation (Phil Schaffner)
>
>
>----------------------------------------------------------------------
>
>Message: 1
>Date: Wed, 14 Sep 2011 11:44:54 -0400
>From: Phil Schaffner
>Subject: [CentOS-devel] URGENT: Website and fora at risk due to
> automated spammer account creation
>To: "The CentOS developers mailing list."
>Message-ID:
>Content-Type: text/plain; charset="ISO-8859-1"; format=flowed
>
>http://bugs.centos.org/view.php?id=5105
>
>Forum moderators have been battling spammers creating bogus accounts by
>the thousands using automated "bots". The only way moderators currently
>have to attack the problem is by a laborious process of searching for
>such accounts and selecting them for deletion. This has been working,
>although at the cost of considerable time to perform the operations;
>however, such accounts are currently being created at a rate of
>thousands per day making deletion of 50 at a time via the web interface
>a practical impossibility.
>
>Our approach has been to delete all "Inactive" accounts more than 7 days
>old (these are being created at a rate of about 1 per minute) and
>"Active" accounts with no posts and either no logins, or with no logins
>in the last 30 days. The latter are the rapidly growing problem, and
>more than 40,000 accounts with zero posts created between 7 and 30 days
>ago currently exist. Account creation at this rate will likely bring
>the site down if the situation is not dealt with soon.
>
>Proposed approach:
>
>1. Implement some automated way of deleting accounts as described above.
>2. Implement captcha or some other mechanism in the account creation
>process to foil the bots.
>
>Phil
>
>
>------------------------------
>
>_______________________________________________
>CentOS-devel mailing list
>CentOS-devel at centos.org
>http://lists.centos.org/mailman/listinfo/centos-devel
>
>
>End of CentOS-devel Digest, Vol 79, Issue 7
>*******************************************
>
There is also another way of lowering the number of accounts.
It is called zbblock
http://www.spambotsecurity.com/zbblock.php
It has the ability to block sertain IPs based on behaviour.
Good news is that it almost does not require product support.
It should be used with caution too..
-----------------------------------------------------------------
100 лв БОНУС. Най-високи коефициенти. Tempobet.com
http://bg.tempobet.com/affiliates/3208311
More information about the CentOS-devel
mailing list