Advanced search

Message boards : Server and website : GPUGRID CAFE forum - Spammer

Author Message
Profile K1atOdessa
Send message
Joined: 25 Feb 08
Posts: 249
Credit: 370,320,941
RAC: 0
Level
Asp
Scientific publications
watwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwat
Message 14364 - Posted: 26 Jan 2010 | 18:30:17 UTC

Looks like a spammer is hitting the GPUGRID CAFE Forum.

Profile Krunchin-Keith [USA]
Avatar
Send message
Joined: 17 May 07
Posts: 512
Credit: 111,288,061
RAC: 0
Level
Cys
Scientific publications
watwatwatwatwatwatwatwatwatwatwatwatwatwatwat
Message 14404 - Posted: 27 Jan 2010 | 12:46:26 UTC

Yes, this was reported to me by another user.

I have hidden all the posts, wasting 24 minutes of my time, and reported this to GDF to banish them and take additional measures to stop this.

Richard Haselgrove
Send message
Joined: 11 Jul 09
Posts: 1576
Credit: 5,604,261,851
RAC: 8,787,349
Level
Tyr
Scientific publications
watwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwat
Message 14449 - Posted: 27 Jan 2010 | 22:30:32 UTC

I think the latest batch calls for IP blocking at the very least.

Even if the message database is scrubbed clean, all those random user accounts are going to be hanging around for years, clogging up the database.

Profile Krunchin-Keith [USA]
Avatar
Send message
Joined: 17 May 07
Posts: 512
Credit: 111,288,061
RAC: 0
Level
Cys
Scientific publications
watwatwatwatwatwatwatwatwatwatwatwatwatwatwat
Message 14469 - Posted: 27 Jan 2010 | 22:53:01 UTC - in response to Message 14449.

I think the latest batch calls for IP blocking at the very least.

Even if the message database is scrubbed clean, all those random user accounts are going to be hanging around for years, clogging up the database.

Unfortunately that often has little effect. Spammers change ips as often as they post. They often too create virus type robots, the posts can be comming from someone's or more infected computers. If you block the ip, you could be blocking a legitimit user, that doesn't know they are infected of course.

I've reported it, and GDF was slow to get back to me, I don't think he took any steps yet as the spamming continues and now in a mass amount, and now the spammer(s) are posting every few seconds. I can't hide the posts that fast. I'll leave it up to GDF to clean up now and take measures to stop this.

Another thing too, if you block posting, like making a minimum of 1 credit, the spammers robots still create accounts. This attack is on a lot of boinc projects. There was a problem at MAlariaContol.net also. Something needs to be done to block registration, but then how do legitimate users get in ?

Profile skgiven
Volunteer moderator
Volunteer tester
Avatar
Send message
Joined: 23 Apr 09
Posts: 3968
Credit: 1,995,359,260
RAC: 0
Level
His
Scientific publications
watwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwat
Message 14520 - Posted: 27 Jan 2010 | 23:52:47 UTC - in response to Message 14469.
Last modified: 27 Jan 2010 | 23:54:02 UTC

The way forward is to use word recognition when registering. This stops the bots.

An IP block list could also be used on the front end server.

Perhaps new users could be initially limited to a newbie help thread, and then allowed access to the other threads when they completed one task.

Profile GDF
Volunteer moderator
Project administrator
Project developer
Project tester
Volunteer developer
Volunteer tester
Project scientist
Send message
Joined: 14 Mar 07
Posts: 1957
Credit: 629,356
RAC: 0
Level
Gly
Scientific publications
watwatwatwatwat
Message 14521 - Posted: 27 Jan 2010 | 23:54:14 UTC - in response to Message 14520.

I disabled account creation for now.

gdf

MarkJ
Volunteer moderator
Volunteer tester
Send message
Joined: 24 Dec 08
Posts: 738
Credit: 200,909,904
RAC: 0
Level
Leu
Scientific publications
watwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwat
Message 14590 - Posted: 29 Jan 2010 | 7:48:45 UTC
Last modified: 29 Jan 2010 | 8:18:14 UTC

I've knocked off a bunch more in the Cafe, but the accounts need to get deleted or blocked.

Despite account creation being off he/it is still posting. Probably created a whole batch of accounts first and is now posting under each one. Might need to get a dump of all the aocounts created in the last couple of days and if they have no computers listed delete or block them.

@ GDF, do you allow account creation from the web site, or can they only create an account through boinc? If both ways you may want to restrict account creation to only be available through boinc.
____________
BOINC blog

MarkJ
Volunteer moderator
Volunteer tester
Send message
Joined: 24 Dec 08
Posts: 738
Credit: 200,909,904
RAC: 0
Level
Leu
Scientific publications
watwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwatwat
Message 14656 - Posted: 29 Jan 2010 | 10:43:04 UTC - in response to Message 14521.

I disabled account creation for now.

gdf


I'm seeing accounts created on the 29th, so it looks like he/it can still create them.
____________
BOINC blog

Toni
Volunteer moderator
Project administrator
Project developer
Project tester
Project scientist
Send message
Joined: 9 Dec 08
Posts: 1006
Credit: 5,068,599
RAC: 0
Level
Ser
Scientific publications
watwatwatwat
Message 14659 - Posted: 29 Jan 2010 | 12:00:16 UTC - in response to Message 14656.
Last modified: 29 Jan 2010 | 12:02:53 UTC

The recaptcha implementation in BOINC currently only protect profiles, not account creation (?). We are trying the akismet system.

Luckily added records in the users table don't cause too much of a performance problem - the DB is accustomed to far higher loads :-)

Edit: thanks, KK, for the time of cleaning them up.

Profile Krunchin-Keith [USA]
Avatar
Send message
Joined: 17 May 07
Posts: 512
Credit: 111,288,061
RAC: 0
Level
Cys
Scientific publications
watwatwatwatwatwatwatwatwatwatwatwatwatwatwat
Message 14660 - Posted: 29 Jan 2010 | 12:10:49 UTC

How was account creation disabled ?

I logged out, then whet to log in page. When I click on create an account I get a page not found ?

But all that does is hide that page. If the spammer is using a robot, it is sending the result of that page as a submit which your server is still processing, so yes they are still creating accounts.

I would suggest adding the captcha method of verification to create an account. Ya know those distorted letter words.

See http://en.wikipedia.org/wiki/CAPTCHA

Instructions for that had been included somewhere in boinc or the boinc wiki I think. maybe here http://boinc.berkeley.edu/trac/wiki/ProtectionFromSpam

Another simple trick would be to turn on the invitation code. Then post the invitation code in the instructions on the front page under, to create an account use invatation code 'GPUgrid' or something like that. I did this on my team's message board. It had the simple scrambled word graphic. This the robots could decode. So I made the word to be entered something different from what was displayed and posted it in plain text instruction under the entry box. This let humans in that could read but kept robots out because the robots were programmed to unscramle the word in the graphic and entered the word displayed next to the invitation code. A few humans could not get in because they too did not read and just automatically entered the word in the graphic, how programmed do we humans become. If you got the word wrong, I did a halt and this stopped 99% of the spammers from ever getting in.


Toni
Volunteer moderator
Project administrator
Project developer
Project tester
Project scientist
Send message
Joined: 9 Dec 08
Posts: 1006
Credit: 5,068,599
RAC: 0
Level
Ser
Scientific publications
watwatwatwat
Message 14788 - Posted: 29 Jan 2010 | 14:08:25 UTC - in response to Message 14660.

We enabled BOINC's implementation of recaptcha and akismet. Let us know if you have problems.

Post to thread

Message boards : Server and website : GPUGRID CAFE forum - Spammer

//