Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #11  
Old 11-16-2012, 06:04 PM
munkfish munkfish is offline
 
Join Date: Sep 2011
Posts: 4
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I'm not convinced, I reckon they must have added some functionality because our HV questions are quite obscure things like:

what number is green on a roulette wheel?

Which I can't believe a bot would be able to answer without being programmed... there are other questions as well that are equally as 'confusing' for a bot (how many legs does a cow have with one leg short comes to mind hehe ).
Reply With Quote
  #12  
Old 11-16-2012, 06:09 PM
Max Taxable's Avatar
Max Taxable Max Taxable is offline
 
Join Date: Feb 2011
Posts: 3,134
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by munkfish View Post
I'm not convinced, I reckon they must have added some functionality because our HV questions are quite obscure things like:

what number is green on a roulette wheel?

Which I can't believe a bot would be able to answer without being programmed... there are other questions as well that are equally as 'confusing' for a bot (how many legs does a cow have with one leg short comes to mind hehe ).
And yet somehow, they were getting through.

That's all over now, however.
Reply With Quote
  #13  
Old 11-18-2012, 08:11 PM
JG-52 JG-52 is offline
 
Join Date: Jan 2011
Location: Germany
Posts: 4
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Max Taxable View Post
Get this modification, and end all autospam immediately. It's up for Mod of the Month, really works great. It uses the SPEED of the bots against them. 100% reliable and fool proof, and also won't ever be defeated, since the whole point of bots is speed, and load time is a variable they can't program.
I installed this a few hours ago and am very happy. The bot accounts were coming in fast and furious, despite a pool of 10 topic-specific questions. I had to resort to manually moderating every new account in an attempt to weed out the spam before giving them access.

I enabled the email function so I can get a feeling of how it is working, and it has denied access to 42 attempts in 5 hours. I might turn off new member moderation.
Reply With Quote
  #14  
Old 11-18-2012, 09:18 PM
kh99 kh99 is offline
 
Join Date: Aug 2009
Location: Maine
Posts: 13,185
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by JG-52 View Post
The bot accounts were coming in fast and furious, despite a pool of 10 topic-specific questions.
I'm glad you got it worked out, but I have a question for you: when you go to the admicp options, under Human Verification Options, did you have the "Register" box checked?
Reply With Quote
  #15  
Old 11-19-2012, 02:04 AM
BirdOPrey5's Avatar
BirdOPrey5 BirdOPrey5 is offline
Senior Member
 
Join Date: Jun 2008
Location: New York
Posts: 10,610
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by munkfish View Post
I'm not convinced, I reckon they must have added some functionality because our HV questions are quite obscure things like:

what number is green on a roulette wheel?

Which I can't believe a bot would be able to answer without being programmed... there are other questions as well that are equally as 'confusing' for a bot (how many legs does a cow have with one leg short comes to mind hehe ).
A bot can't answer but a spamming program can try the 100 most popular Q&A answers and I'm sure 2 is a super common answer.

Avoid answers that are:
Any number under 20
Any basic color
etc...
Reply With Quote
  #16  
Old 11-19-2012, 11:33 AM
JG-52 JG-52 is offline
 
Join Date: Jan 2011
Location: Germany
Posts: 4
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by kh99 View Post
I'm glad you got it worked out, but I have a question for you: when you go to the admicp options, under Human Verification Options, did you have the "Register" box checked?
Yes, I have Register, Contact Us, and Recover Lost Password checked.

In the past 20 hours, there have been 135 blocked attempts. The majority of the times are still below 2 seconds, but a couple were edging up towards the 15-second mark.

This morning, I increased the time difference to 30 seconds. A few minutes ago, one blocked attempt had a time difference of 16 seconds:

Quote:
A registration was prevented by bot blocker; visitor information below.

Time Difference: 16 second(s)

Username: mastermindabacus
Email: mastermindabacus@live.com
IP: 117.196.217.118
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML,
like Gecko) Chrome/23.0.1271.64 Safari/537.11
I hope some of the bots are not catching on and intentionally adding a delay to the process in an attempt to get past the time limit. Am I giving them/it too much credit?

As much as I like the email notices, I am going to see if I can modify the code to add a PHP function that writes the information to a log file. I have never programmed in PHP, but I used to be good at C several decades ago.
Reply With Quote
Благодарность от:
Max Taxable
  #17  
Old 11-19-2012, 04:43 PM
Max Taxable's Avatar
Max Taxable Max Taxable is offline
 
Join Date: Feb 2011
Posts: 3,134
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by JG-52 View Post
Yes, I have Register, Contact Us, and Recover Lost Password checked.

In the past 20 hours, there have been 135 blocked attempts. The majority of the times are still below 2 seconds, but a couple were edging up towards the 15-second mark.

This morning, I increased the time difference to 30 seconds. A few minutes ago, one blocked attempt had a time difference of 16 seconds:



I hope some of the bots are not catching on and intentionally adding a delay to the process in an attempt to get past the time limit. Am I giving them/it too much credit?

As much as I like the email notices, I am going to see if I can modify the code to add a PHP function that writes the information to a log file. I have never programmed in PHP, but I used to be good at C several decades ago.
The entire point of using bots is speed. I would be a little surprised if botnet admins started programming long delays between filling out the form and clicking submit. It sort of defeats the purpose of using bots.

It would have to be a pretty long delay - page load times are a factor in this, and sometimes with some of the really bad proxies these bots are on, page load time can be really slow. Add to that, there is no way for the botnet admin to determine what your time differential setting is.

I'll be curious to see if your 30 second setting catches any humans, I fear it might. Please update us with that. Increasing the time is far preferable to reducing it - reducing it only helps the bots.
Reply With Quote
  #18  
Old 11-19-2012, 04:56 PM
JG-52 JG-52 is offline
 
Join Date: Jan 2011
Location: Germany
Posts: 4
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Max Taxable View Post
The entire point of using bots is speed. I would be a little surprised if botnet admins started programming long delays between filling out the form and clicking submit. It sort of defeats the purpose of using bots.
Agreed. After posting, I realized that we are likely being hammered by armies of bots instead of one persistent bot, so the likelihood that one would be determined is probably small.

Quote:
Originally Posted by Max Taxable View Post
It would have to be a pretty long delay - page load times are a factor in this, and sometimes with some of the really bad proxies these bots are on, page load time can be really slow. Add to that, there is no way for the botnet admin to determine what your time differential setting is.
Perhaps not a bot, but a frustrated person not paid by the hour might take a keen interest in probing the defenses. However, as stated earlier, time is money and we are but one of millions of potential victims.

Quote:
Originally Posted by Max Taxable View Post
I'll be curious to see if your 30 second setting catches any humans, I fear it might. Please update us with that. Increasing the time is far preferable to reducing it - reducing it only helps the bots.
I'll likely adjust the time downward when I see more reporting times. As with any countermeasure, there must be a balance between preventing an unwanted event and not allowing a wanted event. Unfortunately, it is unlikely that I will know if a human was denied registration (unless they use the "Contact Us" process to complain), but I will certainly know if the bots breach the walls.
Reply With Quote
  #19  
Old 11-19-2012, 05:01 PM
Max Taxable's Avatar
Max Taxable Max Taxable is offline
 
Join Date: Feb 2011
Posts: 3,134
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by JG-52 View Post
Agreed. After posting, I realized that we are likely being hammered by armies of bots instead of one persistent bot, so the likelihood that one would be determined is probably small.



Perhaps not a bot, but a frustrated person not paid by the hour might take a keen interest in probing the defenses. However, as stated earlier, time is money and we are but one of millions of potential victims.



I'll likely adjust the time downward when I see more reporting times. As with any countermeasure, there must be a balance between preventing an unwanted event and not allowing a wanted event. Unfortunately, it is unlikely that I will know if a human was denied registration (unless they use the "Contact Us" process to complain), but I will certainly know if the bots breach the walls.
This can be determined by looking at the bot reports, you can usually tell by the username choice and the email address used if it's spammy... Or a human.

I have no doubt that as the time based test becomes more popular, botnet admins and botnet software designers will try to do a workaround. Problem is, they won't be all that aware of all the variables involved. Your individual setting, variable page load times - they would almost have to program in a 60 second delay in their bots, REALLY going against the whole reason to use bots to start with.

It will be interesting to see what the response is, if their ever is one. Spam fighting is a constant and ever changing war, heh.
Reply With Quote
  #20  
Old 11-21-2012, 10:27 AM
BirdOPrey5's Avatar
BirdOPrey5 BirdOPrey5 is offline
Senior Member
 
Join Date: Jun 2008
Location: New York
Posts: 10,610
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Max Taxable View Post
The entire point of using bots is speed. I would be a little surprised if botnet admins started programming long delays between filling out the form and clicking submit. It sort of defeats the purpose of using bots.
I disagree. The point of using bots is automation.

You set the bot to run and you go one about your day. Whether it takes 5 minutes or 5 hours is of no real concern to the person spamming links across forums.

Yes it will take longer when the bots start adapting, but they will because there is still much money to be made with spamming links.

While the time-lock method is a good method it is still going to be better to have some sort of captcha type challenge easy for humans but impossible for bots, long term, IMO.

That said no reason not to install the bot-time-check for now.

- My 2 cents.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 12:41 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.07147 seconds
  • Memory Usage 2,294KB
  • Queries Executed 12 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (12)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (1)post_thanks_box_bit
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete