Development :
K-Meleon Forum
A dozen or more in a single night, all different names, some with a fake given email and most without anything at all. And who knows if they don't post dangerous links??
Please, if you want to keep all doors WIDE open for all non-members and spammers alike, basically I really like that too, but why not moderate their postings at least? So they can continue to freely post, just have to wait a bit until a moderator checks their post and allows it to get through?
That still allows everyone to post completely free, without signing up or give any data, and it's the very least procedure in all other forums I know out there. And that's already very rare. Usually one is already lucky if no user account is needed, only an automatic verification if the mail addy.
And even with the above suggestion, it's not like it were exactly difficult for spammers and malware posters to create new accounts in masses in a single night, or to signup for a username like Admin or such and announce a fake new KM version with a malware link, or any other dangerous links to a harmless looking but malicious webpage, even in the development or announcement section. But it would reduce the spam numbers at least partly.
That said, personally I'd even go so far and create an own usergroup for unknown posters and new members alike, whose posts must be checked first for suspicious stuff, but yes I know, no hope for that.
Edited 2 time(s). Last edit at 04/10/2011 02:33PM by siria.
I have removed it.
I don't understand the reason of such attack, except to test and make a new one more stonger...
A+
Mozilla/5.0 (x11; U; Linux x86_64; en-US; rv:1.9.1.17pre) Gecko/20101211 Ubuntu/12.04 (precise) K-Meleon/1.6.0
Mozilla/5.0 (x11; U; Linux x86_64; fr-FR; rv:1.9.2.14pre) Gecko/20101219 Ubuntu/12.04 (precise) K-Meleon/1.7.0
Web: K-Meleon Extension Setup (French) and (English)
Web: http://jujuland.pagesperso-orange.fr/
Mail : alain [dot] aupeix [at] wanadoo [dot] fr
Edited 1 time(s). Last edit at 04/10/2011 02:40PM by JujuLand.
Alas, they're like fleas. Go look at the QtWeb forums, where they seem to have given up scratching
I agree with siria, pre-inspection by a mod is needed, or rapid action when people report the threads.
OTOH, we assume it's real people making the posts -- what if it's only real people signing up? Maybe all we need is CAPTCHA for both phases, and some equivalent of a "hosts" file to block the IP?
Gordon.
____________________
W7HPx64, K-Meleon 1.6.0b2 & b2.5, Opera 12.01, IE9x32, IE9x64
____________________
Sugar, greasy foods and Microsoft are dangerous to your health -- eat, drink and be merry!
____________________
Early to bed and early to rise makes a bloke crook, broke and stupid.
sad, but funny picture!
I think those were just tests tonight, to first test and adjust their automatic scripts, and looking what happens with their posts, if it works, if they show up, if they stay, how long, etc. And once the scripts work, and they find they are 'accepted posters', they start "Shooting sharp".
For simpel spam scripts captchas can help, but unfortunately those crappy things often give me real problems on other sites, sometimes make a site completely unusable.
The more dangerous thing are 'real people' posting malware stuff, and those can't be prevented with captchas
Edited 1 time(s). Last edit at 04/10/2011 04:44PM by siria.
A dozen or more is annoying but not all that much. It is only getting hairy when a script makes new entries faster than You can delete them.
We even had such event in the past.
A protection that does not let the same IP post fast and not more than maybe 20 posts in a short time might be helpful.
IMHO this forum will IMHO not stop scratching. If they start spamming the forum more we can always recruit more spam-hunter moderators/admins. 
Like ppl did in past times. Originally this forum had only devs with such rights. The number was raised to the current number because of past spam floods.
K-Meleon development related discussions.
What a spam flood again tonight...
Posted by:
siria
Date: April 10, 2011 02:30PM
A dozen or more in a single night, all different names, some with a fake given email and most without anything at all. And who knows if they don't post dangerous links??
Please, if you want to keep all doors WIDE open for all non-members and spammers alike, basically I really like that too, but why not moderate their postings at least? So they can continue to freely post, just have to wait a bit until a moderator checks their post and allows it to get through?
That still allows everyone to post completely free, without signing up or give any data, and it's the very least procedure in all other forums I know out there. And that's already very rare. Usually one is already lucky if no user account is needed, only an automatic verification if the mail addy.
And even with the above suggestion, it's not like it were exactly difficult for spammers and malware posters to create new accounts in masses in a single night, or to signup for a username like Admin or such and announce a fake new KM version with a malware link, or any other dangerous links to a harmless looking but malicious webpage, even in the development or announcement section. But it would reduce the spam numbers at least partly.
That said, personally I'd even go so far and create an own usergroup for unknown posters and new members alike, whose posts must be checked first for suspicious stuff, but yes I know, no hope for that.
Edited 2 time(s). Last edit at 04/10/2011 02:33PM by siria.
Re: What a spam flood again tonight...
Posted by:
JujuLand
Date: April 10, 2011 02:40PM
I have removed it.
I don't understand the reason of such attack, except to test and make a new one more stonger...
A+
Mozilla/5.0 (x11; U; Linux x86_64; en-US; rv:1.9.1.17pre) Gecko/20101211 Ubuntu/12.04 (precise) K-Meleon/1.6.0
Mozilla/5.0 (x11; U; Linux x86_64; fr-FR; rv:1.9.2.14pre) Gecko/20101219 Ubuntu/12.04 (precise) K-Meleon/1.7.0
Web: K-Meleon Extension Setup (French) and (English)
Web: http://jujuland.pagesperso-orange.fr/
Mail : alain [dot] aupeix [at] wanadoo [dot] fr
Edited 1 time(s). Last edit at 04/10/2011 02:40PM by JujuLand.
Re: What a spam flood again tonight...
Posted by:
gordon451
Date: April 10, 2011 02:54PM
Alas, they're like fleas. Go look at the QtWeb forums, where they seem to have given up scratching
I agree with siria, pre-inspection by a mod is needed, or rapid action when people report the threads.
OTOH, we assume it's real people making the posts -- what if it's only real people signing up? Maybe all we need is CAPTCHA for both phases, and some equivalent of a "hosts" file to block the IP?
Gordon.
____________________
W7HPx64, K-Meleon 1.6.0b2 & b2.5, Opera 12.01, IE9x32, IE9x64
____________________
Sugar, greasy foods and Microsoft are dangerous to your health -- eat, drink and be merry!
____________________
Early to bed and early to rise makes a bloke crook, broke and stupid.
Re: What a spam flood again tonight...
Posted by:
siria
Date: April 10, 2011 04:43PM
Quote
gordon451
Alas, they're like fleas. Go look at the QtWeb forums, where they seem to have given up scratching
sad, but funny picture!
I think those were just tests tonight, to first test and adjust their automatic scripts, and looking what happens with their posts, if it works, if they show up, if they stay, how long, etc. And once the scripts work, and they find they are 'accepted posters', they start "Shooting sharp".
For simpel spam scripts captchas can help, but unfortunately those crappy things often give me real problems on other sites, sometimes make a site completely unusable.
The more dangerous thing are 'real people' posting malware stuff, and those can't be prevented with captchas
Edited 1 time(s). Last edit at 04/10/2011 04:44PM by siria.
Re: What a spam flood again tonight...
Posted by:
guenter
Date: April 11, 2011 10:20PM
Quote
siria
A dozen or more in a single night, all different names, some with a fake given email and most without anything at all. And who knows if they don't post dangerous links??
A dozen or more is annoying but not all that much. It is only getting hairy when a script makes new entries faster than You can delete them.
We even had such event in the past.
A protection that does not let the same IP post fast and not more than maybe 20 posts in a short time might be helpful.
IMHO this forum will IMHO not stop scratching.
If they start spamming the forum more we can always recruit more spam-hunter moderators/admins.
Like ppl did in past times. Originally this forum had only devs with such rights. The number was raised to the current number because of past spam floods.
