List of Forum Hacker/Spammers

[mike]

Our forum gets assailed on a daily basis by various sundry script kiddies, hackers, spammers and miscellaneous riffraff. Each and every day I add to the list of domains and IP addresses that I ban from our forum/servers/network.

Today it occured to me that I should also just go ahead and publish the info I'm banning so that any of you operating a blog, forum, or some other spammer/hacker/delinquent magnet type of site could have a heads up.

Now, I'm not advocating, directing, calling for or promoting that anybody else should ban the following domains/IPs from their network, I'm just letting everybody know that I have.

Not really wanting to dig thru old stuff (because there is so much of it) I will just start from today's round of miscreants and move forward from there, updating this post as necessary.

Starting with:

@intop101.com
@intop10.com

86.124.42.39
210.150.125.195
65.98.55.242
212.50.16.107
82.239.233.10
201.44.205.48
81.214.127.3
83.21.0.60
61.11.35.155
210.167.189.57
84.16.137.234
218.47.185.133
58.148.4.89
200.31.150.131
219.2.128.59
124.104.35.158
218.128.224.112
201.17.170.149
201.20.108.47
70.84.235.18
61.238.105.199
200.90.88.104
218.28.226.117

Examples of the URL's they're creating links to in sig lines:

auto-repair.intop10.com
claritin.intop10.com

Created many many accounts -all under different IPs too. But there they are.



Any email address at

@betroyalpoker.com

[greeneagle]

applause!

Ken

[nerdbyte]

I thought IPs were too easy to spoof. What is the point? What about people (like me) who go through a shared IP on most occasions because I'm behind a satellite network?

[mike]

Well, its not ideal, no. But it's the best I can do.

[mike]

219.94.108.234 - pornspam
125.252.0.10 - pornspam
58.121.5.186 - pornspam
62.7.244.103 - pornspam
62.183.50.164 - pornspam
58.227.180.203 - pornspam
66.246.246.164 - pharmspam
62.140.23.20 - mortgagespam
60.191.251.9 - pornspam
125.190.42.23 - pornspam
218.232.87.30 - pornspam

[mike]

222.110.5.166 - spam
61.98.14.155 - spam
211.107.212.250 - spam
222.236.34.90 - spam
207.195.240.33 - spam
211.87.214.100 - spam
211.200.198.182 - spam
219.240.12.173 - spam

[dharrison]

I have a feeling this thread is going to get very long in size over the next few weeks.

Still well done for publishing it. ;)

[mike]

Actually, I'm expecting a sharp decrease. I found a way to stomp (most of) these guys at the front door.

Tomorrow, spamming my profiles is going to become inifinitely more challenging.

Bwahahahaaaa!

[greeneagle]

Mike:

Quote:

Actually, I'm expecting a sharp decrease. I found a way to stomp (most of) these guys at the front door.

Thanks, It's been somewhat unpleasent for a while.

When I come back, for some time now, it's dealing with spammers first and then carrying on...Not to mention "issues" between members...

Ken

[Easywebdev]

What I do on any phpBB boards I have under my control is to only submit the username, email and passwords in the registration process. Only make the profile available to those users who actually complete the registration by clicking the activation link. I add a little message to the activation email saying the first thing they should do after logging in is to complete their details in their profile.

Also I know if I get a registration with a non null website then its a bot and I just exit(); at that point.

If they complete the registration process and then spam well I have a valid email to block rather than ip blocking.

Cuts way down on profile website/sig spamming.

[dharrison]

Quote:

Originally Posted by mike

Actually, I'm expecting a sharp decrease. I found a way to stomp (most of) these guys at the front door.

Tomorrow, spamming my profiles is going to become inifinitely more challenging.

Bwahahahaaaa!

Errr, good luck!?! ;)

[mike]

Mission accomplished.

Profile bots have been eliminated (a BUNCH of them) and they will find a surprise or two waiting for them when they return.

I daresay we're profile bot-proof now.

[bj]

If for any reason this fails you should consider speaking with Michael Hampton, the genius behind WordPress Bad Behavior. He may have already ported Bad Behavior to phpbb. I know he's already done Expression Engine and MediaWiki.

Bad Behavior

My blog comment spam went from a few hundred a day to a few a day, and I haven't yet upgraded to the most recently released version. I expect it'll drop off further after I get around to upgrading.

[aprentice_hacker]

please can can you give me some advice on hacking through a basic login

thanks

[wige]

Quote:

Originally Posted by aprentice_hacker

please can can you give me some advice on hacking through a basic login

thanks

Sure.

Don't do it.

Your welcome.

Note: I apologize for the snarky tone, but a post in a year old thread about securing login registrations on a webmaster forum asking how to attack web sites? Really? Seriously?

[AVC]

You have seen nothing yet Mike, look at this list.

http://www.forumpostersunion.com/sho...?t=1112&page=6

You will see the inside of how forum hackers work.

[aprentice_hacker]

Quote:

Originally Posted by wige

Sure.

Don't do it.

Your welcome.

Note: I apologize for the snarky tone, but a post in a year old thread about securing login registrations on a webmaster forum asking how to attack web sites? Really? Seriously?

hu i only want to see if my login script is hacker proof

[aprentice_hacker]

Quote:

Originally Posted by wige

Sure.

Don't do it.

Your welcome.

Note: I apologize for the snarky tone, but a post in a year old thread about securing login registrations on a webmaster forum asking how to attack web sites? Really? Seriously?

hu i only want to see if my login script is hacker proof

[wige]

Quote:

Originally Posted by aprentice_hacker

hu i only want to see if my login script is hacker proof

My suggestion be to post a new thread in the Internet Security forum along with the URL for your login form and I am sure someone will be more than happy to take a look.

[edhan]

Quote:

Originally Posted by aprentice_hacker

please can can you give me some advice on hacking through a basic login

thanks

You should be asking the preventive measure instead. Wige is right that you should be directing the question in Internet Security forum.

[sryk4]

simply great. well done

[kgun]

Quote:

Originally Posted by sryk4

simply great. well done

What? I am not convinced, even if this is my worst day at WPW.

Quote:

Originally Posted by aprentice_hacker

hu i only want to see if my login script is hacker proof

I invite you to try ForumNorway dot com.

Post a reply here when you are finished.

[kgun]

Quote:

Originally Posted by AVC

You have seen nothing yet Mike, look at this list.

http://www.forumpostersunion.com/sho...?t=1112&page=6

You will see the inside of how forum hackers work.

But who is AnthonyCea with 13001 posts that link to my link collection:

http://www.forumpostersunion.com/showthread.php?t=3637

"In this thread we will feature some great webmaster resource pages published in the interest of sharing knowledge of website development and publishing technology, e-commerce, search engine optimization (SEO) and search engine marketing (SEM).

If you know of pages like the above that have collections of links for webmasters or web developers please post them in this thread".

To me it seems like a Bot with a beautiful picture with access to Googles spam report form .

Location: Deep South, USA

[AVC]

KGun, you need to catch up with reality and try not to fabricate false notions in the minds of readers of this forum, that would do us all good.

I linked to your page because it seems to have some value, and I told you so when I did link to it.

So why when you are fully aware of this event do you create sensationalism taking the thread off topic ?

[kgun]

Quote:

Originally Posted by AVC

KGun, you need to catch up with reality and try not to fabricate false notions in the minds of readers of this forum, that would do us all good.

I will not involve in a long discussion with you. Please, explain and prove your staements.

[AVC]

Just stick to the subject of the threads Kgun, that is all I am saying, try to comment without linking to a bunch of other stuff and sidetracking the subject matter, that will make the forum a better place.

[kgun]

So your

1. Links are more on topic?
2. Your posts are more objective? (Get off your Google glasses is my reccommendation).
3. There are alternative glasses to view the WWW through.
4. The first time you told me about the link, I thought "AnthonyCea" is a Bot. You have not answered that question.

P.S. I think you are a good poster and valuable WPW member, but you have potential to improve IMO.

[AVC]

So you continue to go off topic to the subject of the thread, par for the course KGun, yeah I'm a bot

Please close the thread mod's.

[kgun]

You behave like a moderator, so may be you can close it.

[johnxuster]

My blog comment spam went from a few hundred a day to a few a day, and I haven't yet upgraded to the most recently released version. so am i.

[kgun]

Quote:

Originally Posted by mike

I daresay we're profile bot-proof now.

I am not convinced. Can a bot sell / advertise Nike Shoes?

[full house]

I think those are not bot, I think its done by other people who do copy and paste the whole post.

[grangonzo]

Wow, never got to know somebody who would actually take the time to post the list of spammers.

Congrats on your hard work..