Practice Makers Perfect

Page: 1

User

Post

12:05 pm
November 6, 2011

Angel

Admin

posts 187

Print this Post

Gee…I just bulk deleted about 300 bogus user log-ons. Somebody's been playing the Hack game…ya think? I get e-mail notice of all posts and new-user Log-in. They appear in the SPAM section so I don't always look at them because the 180 pieces of SF Spam-mail just gets a one-click mass delete. HOWEVER, I couldn't help noticing the huge influx of "New Users" in the past week or so. Thought it was time to do a little userlist housekeeping. Yep…about 300 from one "name" with different numbers in it…all on the same stupid e-mail address. Damn, that's too easy. Just mark it once, let the program search for them all and 2 clicks deletes. Hey…FOOL…it took me less time to zap your shit than it did for your spammer program to put it on the Board. Get a LIFE! Find something to do with your time other than constantly adjusting the damn electrodes that are buried in your brain.

Not the only stupid, bogus user logs I found. Kids, I've been doing board administration longer than just about anybody on the Internet…even before the modern 'Net was born. All that time, I've studied the psychology of users the way they identify themselves and interact. That's especially interesting on an alias-encouraged system like this one. SO, it's pretty easy to spot the fools who use too many consonants in the user name and/or the e-mail address. When I read through a user list the phonies light up like X-mas trees.

If nothing else, it was good ADMIN practice. Thanks for that, Jackasses. Cool

1:37 pm
November 8, 2011

Graham

Niagara Region, Canada

Member

posts 139

Print this Post

Hey Angel – you've been around this game since Adam was a pup – have you any idea why the hell they bother?

I do some monitoring on a couple of boards, and the bogus applications for membership come in in spurts and lumps. Even after filtering out the obvious and most of the less than obvious – some slip through and are (on the surface, at least) Legit. Then, a review and culling a year or two later reveals that a large percentage nave return after registering, never post a message and don't even lurk. W.T.F. do they have in mind when the take the time to register??

I don't like the idea of all those dormant "members" hanging out there, so I always suggest a periodic culling to the board owners. Why the hell do these people sign on? Is there some damage that they can cause that makes it worth their while?

I admit to being as dumb as a post when it comes to this whole computer thing – The actual workings and the motivations.

……………. there is nothing – absolutely nothing – half so much worthwhile doing as simply messing about in boats.

2:11 pm
November 8, 2011

Angel

Admin

posts 187

Print this Post

Well, the dinosaurs and the magic Wizards all tell me that it's just a childish "power play". Done, of course, by those who feel they have no REAL power in their lives. I've been handling this crap on BBS and Forums since I started. You kind of expect it with the TEEN kiddies on general and game type boards,(gawd help us, the "FILE SHARING" places were always open territory…which is one reason I never ran one), so it's pretty stupid activity from "assumed" adults on things like Glass boards. However, it's all part of the Admin job. I have to say that it's so much easier now than it was about 20 to 25 years ago when computer and Forum programs were more primitive and vulnerable. I don't even want to THINK about all the work and programming I had to do back then to keep ahead of the idiots.

This problem does seem to come in spurts. Some jerk who discovers a program that "repeats" log-on with no effort from him…whatever. They don't give a rat's ass WHAT kind of board they're crapping on…anything electronic will do. Everybody thinks he's re-inventing the wheel. Confused

8:05 pm
November 8, 2011

doug

Member

posts 67

Print this Post

Angel said:

This problem does seem to come in spurts.

Like in many problems of life.

One big thing the Internet has exposed is the scary high number of ugly bad people in the country. Yet another bullet point in my The Country is Doomed list.

9:16 pm
November 8, 2011

quasi

Member

posts 14

Print this Post

I used to enjoy hanging out on the usenet but some of my favorite boards there were attacked by people who thought it was "fun" to kill a board by flooding it with so much gargage the regulars would give up.

I admire and appreciate people who know how to run a board and keep thart kind out.

1:05 pm
December 13, 2011

Angel

Admin

posts 187

Print this Post

I'm still at the user-log problem. Doing a daily sweep…and sometimes several times a day. Otherwise there would be hundreds of the trashy things in a week. I have to apologize to anybody who might have been erroneously deleted. If you DO log on and can't get accepted (maybe because you're fond of kinky alias names or have a multi-consonant e-mail name…whatever…just send me some e-mail about your problem.

1:23 pm
January 8, 2012

Angel

Admin

posts 187

Print this Post

UPDATE on the Spam-bot Logins. I have HAD it! There's no end in sight for these pieces of trash. With a very rare exception, they are all from gmail. Now I know some of you guys have gmail addresses. The people I recognize are safe. The rest of them are just bogus log-ons who never validate the registration process and actually can't because the e-mail address is not confirmable (is that a word?). Anyway, they're not dangerous to board security. They're not reading or posting…they just muck up the userlist with phony names (STUPID..unpronounceable names…easy to spot).

So, because I have other things to do rather than sit here 3 times a day deleting 40 or 50 idiot log-ins, we have set a VERY short time limit for people to come back and verify their registration by entering the Forum generated password. 24 hrs…you snooze, you're history. I'll never put limits on people who don't post. I love our lurkers and readers are welcome.

IF you have a valid gmail address and suddenly find yourself unable to log in, well maybe I got carried away and accidentally zapped you….sorry 'bout that. Send me some e-mail at angelica@siliconfolly.com to fix it. OR, maybe you have a kinky username or weird e-mail name and I don't recognize it and you've never posted….I repeat, send me e-mail. This new restriction will catch the "bots" in future and eliminate the human "admin" connection. Cool

So, what will I do for fun now? Wink

7:41 pm
January 10, 2012

doug

Member

posts 67

Print this Post

Angel said:

So, what will I do for fun now?

Oh, let me get my list….. Kiss

4:26 pm
January 12, 2012

Angel

Admin

posts 187

Print this Post

uh-huh. Knowing you, any movie made from that list would have to air on Cable TV…After 11pm…or on the "adult Channel…still after 11pm. Cool

1:30 pm
January 13, 2012

Angel

Admin

posts 187

Print this Post

Angel said:

So, because I have other things to do rather than sit here 3 times a day deleting 40 or 50 idiot log-ins, we have set a VERY short time limit for people to come back and verify their registration by entering the Forum generated password. 24 hrs…you snooze, you're history. I'll never put limits on people who don't post. I love our lurkers and readers are welcome.

YET ANOTHER Security Update….We installed a CAPTCHA. Sorry, folks it's a pain in the neck (or whatever) to get past but necessary. It's that Alphabet-numerical thing you need to repeat when registering to prove you're HUMAN. Laugh

Here's the info on it.

"Telling Humans and Computers Apart Automatically

A CAPTCHA is a program that can generate and grade tests that humans can pass but current computer programs cannot. The term CAPTCHA means Completely Automated Public Turing Test To Tell Computers and Humans Apart.

Protecting Website Registration. Several companies (Yahoo!, Microsoft, etc.) offer free email services. Up until a few years ago, most of these services suffered from a specific type of attack: "bots" that would sign up for thousands of email accounts every minute. The solution to this problem was to use CAPTCHAs to ensure that only humans obtain free accounts. In general, free services should be protected with a CAPTCHA in order to prevent abuse by automated programs."

OK folks, there's our problem in a nutshell. The time limit didn't do a complete job, so we moved to CAPTCHAS. Held off doing that because it can be aggravating enough to scare away less experienced and determined new users. However, there's hardly a commercial website now that doesn't have a CAPTCHA test for registering a new account. Should be a familiar process. These phony log-ins are NOT BENIGN. They're designed to find or create a back-door to a system for a variety of reasons. WORD PRESS has a spamcatcher that's eliminated THOUSANDS of SPAM messages…I don't see them and you aren't bothered…they just don't make it to the system. I hate to chase away any new users but if the alternative is that I need to clean the userlist of several hundred phony log-ins every week, well…I have little choice.

We've installed a mid-range CAPTCHA for now. IF this doesn't do it, the higher level will go in. It's working so far…haven't had a SINGLE crap-log since we put it in place. Fingers crossed. Confused The reason we suddenly began seeing this disgusting mess is that we obviously finally hit some kind of National Website list. Oh joy…just what I've been trying to prevent all these years and hoping we were safe because we're totally non-commercial. Guess not. Anybody's fair game if registration is free. As usual…and as it's always been true…gotta learn to protect your site. That happens with experience.

3:28 pm
January 16, 2012

chaniarts

Member

posts 40

Print this Post

captchas are pretty easily broken

http://www.cs.sfu.ca/~mori/res…..rch/gimpy/

see the paragraph entitled "Computer character recognition" in http://en.wikipedia.org/wiki/CAPTCHA

10:21 pm
January 16, 2012

Angel

Admin

posts 187

Print this Post

Didn't say it was a foolproof system. For now, it's working. Haven't had a single spam-bot log-in since we installed the CAPTCHA. If it is overridden, we'll find something else. Do you have any constructive info on that? If so, let's hear it.

10:56 pm
January 16, 2012

Graham

Niagara Region, Canada

Member

posts 139

Print this Post

Following my reading of your adventures, Angel, I suggested that Guy Somers board try CAPTCHA. T'was done, and the difference is amazing. If the effectiveness decreases, I'll be watching to see how you deal with the next invasion. All the moderators over at theartglassfactory thank you.

……………. there is nothing – absolutely nothing – half so much worthwhile doing as simply messing about in boats.

12:33 pm
January 17, 2012

Angel

Admin

posts 187

Print this Post

Thanks for telling me, Graham. I didn't start out to influence any other Board Administrators, but it' always a pleasure to know somebody else with the same problem is benefiting from your experience. My e-mail for SF is VERY lonely these days without all the notices of "New user registration" that flooded it ALL day. Continuing to have no problems…hoping it lasts. I didn't solve this problem alone. It was my WEBBIE who experimented with various fixes until he decided on the CAPTCHA. Yeah, he's a GEEK Genius. Every Board needs one. Kiss

7:50 pm
January 17, 2012

Graham

Niagara Region, Canada

Member

posts 139

Print this Post

Geeks are cool. Big Bang Theory is my fravourite T.V. show these days.

……………. there is nothing – absolutely nothing – half so much worthwhile doing as simply messing about in boats.

6:02 pm
January 22, 2012

TracyM

Beacon Falls, CT

Member

posts 15

Print this Post

Good job Angel. Appreciate all the work you do on this.

Page: 1

	You must be logged in to post	Login Register