[CentOS-devel] URGENT: Website and fora at risk due to automated spammer account creation (Phil Schaffner)

Hristo Benev foxb at abv.bg
Wed Sep 14 17:17:04 UTC 2011


 
 >-------- Оригинално писмо --------
 >От:  centos-devel-request at centos.org
 >Относно: CentOS-devel Digest, Vol 79, Issue 7
 >До: centos-devel at centos.org
 >Изпратено на: Сряда, 2011, Септември 14 19:00:04 EEST

 >Send CentOS-devel mailing list submissions to
 >	centos-devel at centos.org
 >
 >To subscribe or unsubscribe via the World Wide Web, visit
 >	http://lists.centos.org/mailman/listinfo/centos-devel
 >or, via email, send a message with subject or body 'help' to
 >	centos-devel-request at centos.org
 >
 >You can reach the person managing the list at
 >	centos-devel-owner at centos.org
 >
 >When replying, please edit your Subject line so it is more specific
 >than "Re: Contents of CentOS-devel digest..."
 >
 >
 >Today's Topics:
 >
 >   1. URGENT: Website and fora at risk due to automated spammer
 >      account creation (Phil Schaffner)
 >
 >
 >----------------------------------------------------------------------
 >
 >Message: 1
 >Date: Wed, 14 Sep 2011 11:44:54 -0400
 >From: Phil Schaffner 
 >Subject: [CentOS-devel] URGENT: Website and fora at risk due to
 >	automated spammer account creation
 >To: "The CentOS developers mailing list." 
 >Message-ID: 
 >Content-Type: text/plain; charset="ISO-8859-1"; format=flowed
 >
 >http://bugs.centos.org/view.php?id=5105
 >
 >Forum moderators have been battling spammers creating bogus accounts by 
 >the thousands using automated "bots".  The only way moderators currently 
 >have to attack the problem is by a laborious process of searching for 
 >such accounts and selecting them for deletion.  This has been working, 
 >although at the cost of considerable time to perform the operations; 
 >however, such accounts are currently being created at a rate of 
 >thousands per day making deletion of 50 at a time via the web interface 
 >a practical impossibility.
 >
 >Our approach has been to delete all "Inactive" accounts more than 7 days 
 >old (these are being created at a rate of about 1 per minute) and 
 >"Active" accounts with no posts and either no logins, or with no logins 
 >in the last 30 days.  The latter are the rapidly growing problem, and 
 >more than 40,000 accounts with zero posts created between 7 and 30 days 
 >ago currently exist.  Account creation at this rate will likely bring 
 >the site down if the situation is not dealt with soon.
 >
 >Proposed approach:
 >
 >1. Implement some automated way of deleting accounts as described above.
 >2. Implement captcha or some other mechanism in the account creation 
 >process to foil the bots.
 >
 >Phil
 >
 >
 >------------------------------
 >
 >_______________________________________________
 >CentOS-devel mailing list
 >CentOS-devel at centos.org
 >http://lists.centos.org/mailman/listinfo/centos-devel
 >
 >
 >End of CentOS-devel Digest, Vol 79, Issue 7
 >*******************************************
 >





There is also another way of lowering the number of accounts.

It is called zbblock

http://www.spambotsecurity.com/zbblock.php

It has the ability to block sertain IPs based on behaviour.

Good news is that it almost does not require product support.

It should be used with caution too..

-----------------------------------------------------------------
100 лв БОНУС. Най-високи коефициенти. Tempobet.com
http://bg.tempobet.com/affiliates/3208311



More information about the CentOS-devel mailing list