Google Wave Spam

How to protect our Web Sites. Discussions, Methods, Things you should not do.

Moderator: Moderators

Google Wave Spam

Postby wave » Fri Sep 18, 2009 6:18 pm

Google Wave community has recently being hit by spammers. We are witnessing posts about porn, drug and other non-related promotional stuffs. Details at Google Wave Spam. We are using CAPTCHA but as the forum is young yet we are not using email authentication. Please suggest a solution.
wave
 
Posts: 18
Joined: Fri Jul 17, 2009 11:39 am

Advertisement

Re: Google Wave Spam

Postby iwanttobelieve » Mon Sep 21, 2009 2:26 pm

Increase the noise? Using specific/personal anti spam question? Such as "are you a spammer" with the answer "no" :lol:
iwanttobelieve
PR1
PR1
 
Posts: 123
Joined: Sun Jun 14, 2009 5:37 am
Location: Somewhere I don't belong lol

Re: Google Wave Spam

Postby wave » Mon Sep 21, 2009 4:05 pm

I have increased noise but that has no effect. Today I had to del 2 porn posts again ! Moreover I dont understand how this IP ( 89.108.121.168 ) posts again though I have banned it. May be the anti spam question will help. Please tell me how to incorporate this anti spam question ?

I am newbie at phpBB. Please give me a step by step guide.
wave
 
Posts: 18
Joined: Fri Jul 17, 2009 11:39 am

Re: Google Wave Spam

Postby wolkenkrieger » Mon Sep 21, 2009 6:54 pm

I use a combination of .htaccess and a modded captcha (daro PL-Antispam).

htacces:

Code: Select all
##################################
# Hacker und Anonymizer aussperren
##################################
order allow,deny
allow from all

deny from traffic.website.com
deny from anonymouse.org
deny from anonymizer.com
deny from anonym-surfen.com
deny from anonymization.net
deny from anonymisierungsdienst.de
deny from behidden.com
deny from browzar.com
deny from callinghome.sourceforge.net
deny from the-cloak.com
deny from cotse.net
deny from findnot.com
deny from guardster.com
deny from htthost.com
deny from http-tunnel.com
deny from proxify.com
deny from hujiko.com
deny from proxy.hujiko.com
deny from anon.inf.tu-dresden.de
deny from megaproxy.com
deny from vip.megaproxy.com
deny from metropipe.net
deny from mezzy.com
deny from buerschgens.de
deny from nutzwerk.de
deny from safer-surf.de
deny from saver-surf.com
deny from surfeasy.info
deny from steganos.com
deny from torproject.org
deny from ultimate-anonymity.com
deny from hrmovie.com
deny from your-freedom.net
deny from secure-tunnel.com
deny from anonymiser.co.uk
deny from anonymsurfen.com
deny from anonym.123-mail.eu
deny from 123-mail.eu
deny from zeroknowledge.com
deny from proxy1.ru
deny from proxy2.com
deny from proxy3.com
deny from anonymizer.su

deny from 89.111.164.1/24
deny from 89.111.165.1/24
deny from 124.115. #CHINANET
deny from 209.163.240.200 #TimeWarnerTC
deny from 200.226.246.22 #Internet-Group-Brasil
deny from 87.106.41.209 #SCHLUND-CUSTOMERS
deny from 88.84.133.139 #1blu-webhosting
deny from 212.43.222.166 #Media-CD-Prod-FR
deny from 62.103.164.201 #OTEnet-GR
deny from 194.182.224.124 #HAMMERUM-FRISKOLE-DK
deny from 131.211.183.51 #Universitaet-Utrecht
deny from 213.161.195.213 #FRONTIER-1
deny from 24.214.228.204 #KNOLOGY-Holdings
deny from 89.207.191. #Ukraine
deny from 82.207.103. #Ukraine
deny from 201.46.252.117 #Brazi-Comite-Gestor
deny from 86.124.229.216 #FIBERLINK
deny from 193.138.206.207 #KDIS-Network-NL
deny from 212.227.96.133 #speak-friend.com
deny from 62.193.229.54 #wpc1507.host7x24.com
deny from 88.226.199.38 #TurkTelecom**
deny from 87.106.50.8 #s15219491.o

deny from 89.111.164.1/24
deny from 89.111.165.1/24
deny from 124.115. #CHINANET
deny from 124.115.0.0/24 # extrem Denial of Service aus kompletter Range (124.115.0.0 - 124.115.0.255)
deny from 209.163.240.200 #TimeWarnerTC
deny from 200.226.246.22 #Internet-Group-Brasil
deny from 87.106.41.209 #SCHLUND-CUSTOMERS
deny from 88.84.133.139 #1blu-webhosting
deny from 212.43.222.166 #Media-CD-Prod-FR
deny from 62.103.164.201 #OTEnet-GR
deny from 194.182.224.124 #HAMMERUM-FRISKOLE-DK
deny from 131.211.183.51 #Universitaet-Utrecht
deny from 213.161.195.213 #FRONTIER-1
deny from 24.214.228.204 #KNOLOGY-Holdings
deny from 89.207.191. #Ukraine
deny from 82.207.103. #Ukraine
deny from 201.46.252.117 #Brazi-Comite-Gestor
deny from 86.124.229.216 #FIBERLINK
deny from 193.138.206.207 #KDIS-Network-NL
deny from 212.227.96.133 #speak-friend.com
deny from 62.193.229.54 #wpc1507.host7x24.com
deny from 88.226.199.38 #TurkTelecom**
deny from 193.138.206.207 #KDIS-Network-NL
deny from 212.227.96.133 #speak-friend.com
deny from 62.193.229.54 #wpc1507.host7x24.com
deny from 88.226.199.38 #TurkTelecom**
deny from 87.106.50.8 #s15219491.onlinehome-server.info
deny from 87.106.35.101 #s15207048.onlinehome-server.info
deny from 62.81.224.167 #Server Housing Madrid
deny from 194.126.175.35 #Neoworld-Ltd
deny from 200.226.246.22 #Internet Group do Brasil Ltda
deny from 202.67.153.151 #HKNet Company Limited
deny from 212.241.214.48 #UK-PIPEX-HOSTING-GERMANY-23
deny from 217.20.116.93 #NETDIRECT-NET
deny from 64.7.185.10 #Mercury Network, LLC
deny from 82.161.173.137 #DEMON-NL-DSL
deny from 82.194.66.100 #Hostalia Internet S.L.
deny from 83.170.75.38 #UK2.NET - UK's biggest host
deny from 89.110.156.82 #[netclusive] internet broadcasting GmbH
deny from 72.29.95.49 #HostDime.com, Inc.
deny from 91.121.6.85 #ks3.almacom.net
deny from 163.121.75.94 #Cairo Servers
deny from 87.106.133.216 #urbanplanet.de
deny from 80.86.123.118 #RO-INES-FO-NET-1
deny from 209.40.198.166 #Name Intelligence Inc.
deny from 88.226. #TurkTelecom
deny from 163.121. #Cairo Servers
deny from 189.1.168. #Maxihost-BR
deny from 80.89. #Hacks-Server-RU

SetEnvIfNoCase User-Agent "^libwww-perl*" block
order deny,allow
Deny from env=block
deny from 212.238.
ErrorDocument 403 http://127.0.0.1

RewriteCond %{QUERY_STRING} ^(.*)highlight=\%2527 [OR]
RewriteCond %{QUERY_STRING} ^(.*)rush=\%65\%63\%68 [OR]
RewriteCond %{QUERY_STRING} ^(.*)rush=echo [OR]
RewriteCond %{QUERY_STRING} ^(.*)echr(.*) [OR]
RewriteCond %{QUERY_STRING} ^(.*)esystem(.*) [OR]
RewriteCond %{QUERY_STRING} ^(.*)union(.*) [OR]
RewriteCond %{QUERY_STRING} ^(.*)UNION(.*) [OR]
RewriteCond %{QUERY_STRING} ^(.*)alert\(document(.*) [OR]
RewriteCond %{QUERY_STRING} ^(.*)SQL_INJECTION(.*) [OR]
RewriteCond %{QUERY_STRING} ^(.*)wget\%20
RewriteRule ^.*$ http://127.0.0.1/ [R,L]
RewriteCond %{HTTP_COOKIE}% s:(.*):\%22test1\%22\%3b
RewriteRule ^.*$ http://127.0.0.1/ [R,L]
RewriteCond %{HTTP_USER_AGENT} ^lwp.* [NC]
RewriteRule ^.*$ http://127.0.0.1/ [R,L]
wolkenkrieger
PR0
PR0
 
Posts: 77
Joined: Sat Nov 03, 2007 4:49 pm

Re: Google Wave Spam

Postby wave » Mon Sep 21, 2009 7:55 pm

Thank you, but for the time being I do not have .htaccess enabled on my host.

I could have go for E-mail authentication but as the forum is new enough just like Google Wave I dont want to put a hindrance in front of real users.

So I'm opting for Knowledge Base - Custom Profile Fields as an Anti-Spammer Tool. Lets see if it works.
wave
 
Posts: 18
Joined: Fri Jul 17, 2009 11:39 am

Re: Google Wave Spam

Postby dcz » Sun Sep 27, 2009 1:53 pm

Yes, a custom profile is handy to fight against automated spam, the good news is that phpBB3.0.6 will have a lot more to offer to fight against automated registration with way better captcha system.

++
Useful links :
SEO Forum || SEO Directory || SEO phpBB || Search
____________________

Liens Utiles :
Forum référencement || Annuaire référencement || Référencement phpBB || Recherche
dcz
Admin
Admin
 
Posts: 21383
Joined: Fri Apr 28, 2006 9:03 pm


Return to Security

 


  • Related topics
    Replies
    Views
    Last post

Who is online

Users browsing this forum: No registered users and 2 guests