2008-10-20: Serious Spammer / DOS activity

**infoxicated** · 20th October 2008, 09:55 PM

In the last few days the WipEoutZone server has been hit like a trampolinist with narcolepsy would hit the ground - hard and often.

What we've done to deserve this, I don't know, but I've had to disable searching for non-members and for members awaiting account activation, put in a minimum of 30 seconds between searching, and ramp up the human image verification for new registrations. Until they lose interest and pick on someone else we're also having to ban certain IP addresses at the server level.

Hasn't made a lot of difference to the load the server is being put under right now, though, with spammers hitting the search reqest page like the fist of an angry god. What they're searching for, it's not clear. Probably not inner happiness or a way to get rich via the stock market.

So, if this place is down more often than the kind of date who puts Rohypnol in their own drink, the above is the reason why.

**Darkdrium777** · 20th October 2008, 10:01 PM

ROFL. I can't believe there is someone pathetic enough to do a DOS attack on WipeoutZone.

Seriously, get a life. :-

Do you know if you can fix this permanently Rob?

**infoxicated** · 20th October 2008, 10:08 PM

Dont know - we're just going to keep trying different stuff.

There are over 20 sites that share the server with WipEoutZone - some of them *gasp* are more important than this place, so if we cant bring it under control soon we might need to take some extreme measures.

All those mental usernames you tend to see popping up in the new member thing in the footer are spammers. They put accounts together with usernames and email addresses containing words that would only make sense in the ****ing LOLCATS version of Scrabble.

I manually check then delete or activate every account, so the more they hit us the longer it takes for legitimate user accounts to get activated. Sucks big time.

**eLhabib** · 20th October 2008, 10:51 PM

Jeez, do you just come up with all those metaphors or do you have a book with 'cool stuff to say in every situation life may throw at you'

I was laughing uncontrollably, anyway

**_glitch_** · 21st October 2008, 12:08 AM

Ahhh! That's why it took so long for me to get re-activated when I changed my email address.

hit like a trampolinist with narcolepsy would hit the ground - hard and often

I plan to use this quote as often as possible. ;D

_glitch_

**Lance** · 21st October 2008, 01:43 AM

Rob, I hope you hit the guy from Korea who was hitting us so hard today. His IP range was only a 256 bit block.

Most of these worthless execrable rapist sodomites are trying to read the memberslist as soon as they come on; they're looking for our email addresses so they can be used either directly to send you spam, or indirectly so they can infect your email accounts and use them as zombies in a bot network to send spam to other people.

In your profiles, select the option to HIDE YOUR EMAIL ADDRESS. That way the only people who can see it without compromising the php or sql would be our admin and our mods.

**Harvai** · 21st October 2008, 03:46 AM

****, good idea Lance. Doing this now

**mdhay** · 21st October 2008, 01:34 PM

Do you think it could be anything to do with that advertise for $30 mail, Rob?

**infoxicated** · 21st October 2008, 02:32 PM

Definitely not.

Originally Posted by eLhabib

Jeez, do you just come up with all those metaphors or do you have a book with 'cool stuff to say in every situation life may throw at you'

I was laughing uncontrollably, anyway

I'm a big fan of metaphors and analogies, so I tend to put a bit of time into coming up with entertaining ones when I feel they'd be appropriate.

**Mad-Ice** · 21st October 2008, 05:21 PM

Very appropriate!

You are a funny guy. I hope you will get these spammers very quickly.

**Rapier Racer** · 22nd October 2008, 09:09 PM

Dirty bastards

Deserves castration!

It's a shame foxys book of 'cool stuff to say in every situation life may throw at you' doesn't exist, I'd buy it lol

**Worlock** · 22nd October 2008, 09:28 PM

Hi. I'm new here, but I've been adminning VB3 boards since the original version of VB, and I've been using the "ask a question" method with the most success. There's zero chance a bot is going to get it right, and that way you don't have to spend any time validating any more.

The biggest problem with this method is usually coming up with a question any legitimate visitor would know, but with the specialized nature of this board, it should be easy, and the question can have multiple answers. Something like "Name a Wipeout team from any of the games". There's no way anyone who's ever played any Wipeout game wouldn't remember at least one.

Just a suggestion. I was using CAPTCHA on my board until a few weeks ago, when they suddenly started to get through in huge numbers. I changed to this and haven't had one since (just hundreds of failed attempts daily

)

**infoxicated** · 22nd October 2008, 09:55 PM

Brilliant idea - I'll try that out.

**eLhabib** · 23rd October 2008, 11:44 AM

Nice one! The easiest solutions nobody thinks of are always the best

**Asayyeah** · 23rd October 2008, 02:12 PM

Congrats & welcome aboard Worlock for a 1st post it's truly a great one ! nice contribution : that's gonna made Foxxy more relax

**swift killer** · 23rd October 2008, 07:29 PM

Originally Posted by infoxicated

They put accounts together with usernames and email addresses containing words that would only make sense in the ****ing LOLCATS version of Scrabble.

ROFL, Rob, my god you are on form!

**Worlock** · 23rd October 2008, 08:57 PM

Well, there's nothing I hate more on the internet than spam bots, so all attempts to defeat them everywhere are my concern

I should add that you can also use this method on the search pages, so that guests can still search, but have to answer the question to submit the search.

On the Wipeout front, I played the original and XL religiously, then basically skipped 10 years of console gaming,until my brother told me he just downloaded Wipeout HD on his PS3. I've basically played it every free day with him since, although I still miss some of the feel from XL.

**infoxicated** · 24th October 2008, 11:39 AM

Heh! Dont we all.

I've thought about using the Q&A method before, but just never got round to trying it. Plus I didn't know that you could have a range of answers, so armed with that knowledge I'll try and set it up as soon as I have a free window to tinker with it.

**Lance** · 24th October 2008, 05:48 PM

I'd noticed a moderate slacking-off in the numbers of spambot registrations in the last 36 hours or so, and wondered if you'd already instituted some change, but noticed that some following the usual pattern were still getting through, so I guess it was just down to random luck.

My personal email, on the other hand, has seen about triple the spam in the last 3 or 4 days. arrgh I want to destroy the botnetmasters' computers.

**infoxicated** · 25th October 2008, 09:23 AM

I think banning one of the main ones at IP level on the server itself and barring gmail.com addresses has helped. The gmail.com barring wasn't working for the first 48 hours I had it in the filter, though, because I'd missed out the trailing m in my haste.

Thread: 2008-10-20: Serious Spammer / DOS activity

Thread Tools

Display

2008-10-20: Serious Spammer / DOS activity

Posting Permissions