Welcome to NeoOffice developer notes and announcements
NeoOffice
Developer notes and announcements
 
 

Download or installation problems? Try these steps
Problems after upgrading to NeoOffice 2022? Try these steps


Support
· NeoOffice Support
· NeoWiki


Announcements
· Twitter @NeoOffice


Downloads
· Download NeoOffice


RSS Feeds
· Announcements Only
· All Posts


  
NeoOffice :: View topic - Forum spam
Forum spam
 
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    NeoOffice Forum Index -> Server Outages
View previous topic :: View next topic  
Author Message
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Thu Oct 06, 2005 11:43 pm    Post subject: Reply with quote

No content actually winds up getting lost as there are daily database backups. It is always possible to go back into the earlier backups and restore anything that gets accidentally nuked.

I don't think this one's really major enough to do that though since the Unicode encoding stuff is documented in the wiki Smile

ed
Back to top
View user's profile Send private message Visit poster's website AIM Address
sardisson
Town Crier
Town Crier


Joined: Feb 01, 2004
Posts: 4588

PostPosted: Mon Oct 31, 2005 12:41 am    Post subject: Reply with quote

Nothing like spammers posting *in* the forum spam thread! Smile

IP was 194.44.198.45.

Smokey

_________________
"[...] whether the duck drinks hot chocolate or coffee is irrelevant." -- ovvldc and sardisson in the NeoWiki
Back to top
View user's profile Send private message Visit poster's website
sardisson
Town Crier
Town Crier


Joined: Feb 01, 2004
Posts: 4588

PostPosted: Fri Nov 04, 2005 6:02 am    Post subject: Reply with quote

sardisson wrote:
Nothing like spammers posting *in* the forum spam thread! Smile

IP was 194.44.198.45.


That IP just posted another spam (again a Guest). It has a real-sounding hostname (Jazz.franko.lviv.ua) so I think it's safe to ban.

Er, actually, that's a university subdomain.

Evil Ukrainians Smile

Edit: That same IP just spammed this very thread again! Stupid, stupid.

Smokey

_________________
"[...] whether the duck drinks hot chocolate or coffee is irrelevant." -- ovvldc and sardisson in the NeoWiki
Back to top
View user's profile Send private message Visit poster's website
ovvldc
Captain Naiobi


Joined: Sep 13, 2004
Posts: 2352
Location: Zürich, CH

PostPosted: Sun Nov 13, 2005 1:26 am    Post subject: Reply with quote

I just threw out an unsavory off-topic message (my first!).
Sending IP was 203.116.214.2

_________________
"What do you think of Western Civilization?"
"I think it would be a good idea!"
- Mohandas Karamchand Gandhi
Back to top
View user's profile Send private message
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Tue Nov 15, 2005 9:59 am    Post subject: Reply with quote

Let me know if any of the IPs start getting to be really egregious. Thus far I've been doing IP blocking mostly on the server proper. There are a couple of IP ranges in Japan and Brazil that are blocked out due to DDoS or password attacks on the server. There are also a number of rules for working around known phpbb worms (the ones from last xmas). I can IP ban blocks that have lots of known spammers.

While I don't personally have time to do it, I also have the full server logs from trinity should anyone care to start analyzing them. Beware, they're large Smile

ed
Back to top
View user's profile Send private message Visit poster's website AIM Address
LemonAid
The Anomaly


Joined: Nov 21, 2005
Posts: 1285
Location: Witless Protection Program

PostPosted: Sun Jan 22, 2006 2:45 am    Post subject: Reply with quote

OPENSTEP wrote:
...
While I don't personally have time to do it, I also have the full server logs from trinity should anyone care to start analyzing them. Beware, they're large Smile

ed

Ed, I know that you are working hard on many things but I just read your post about analyzing the trinity server logs. I have been using the application Analog.exe from The most popular logfile analyser in the world. It's free and Works very well. I use it at work to analyze several Windoze IIS web server logs. Once I got the config file the way I wanted it was great for finding problems / errors / DDOS attacks and such. Evil or Very Mad
Maybe someone could use this to analyze your log files. I work with two weeks of data when I need to home in on details.

Philip (always looking for tools to make life easier Wink )
Back to top
View user's profile Send private message
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Tue Jan 24, 2006 8:23 pm    Post subject: Reply with quote

Intriguing. I have hundreds of megabytes of log files to send to you, if you're interested. I examine them only for spiders/crawlers and for tracker spam.

PM me and they're yours. For me they're just sitting on CDs rotting away Very Happy

ed
Back to top
View user's profile Send private message Visit poster's website AIM Address
LemonAid
The Anomaly


Joined: Nov 21, 2005
Posts: 1285
Location: Witless Protection Program

PostPosted: Wed Jan 25, 2006 10:03 pm    Post subject: Reply with quote

OPENSTEP wrote:
Intriguing. I have hundreds of megabytes of log files to send to you, if you're interested. I examine them only for spiders/crawlers and for tracker spam.

PM me and they're yours. For me they're just sitting on CDs rotting away Very Happy
ed

Questions
1. Do you happen to know what the Log file format is?
2. Can you PM / email me a short sample of a file -
Header lines and the first 50-100 lines of data??

I just had a job ... re-assignment (Not fired, just got the fired folks work to do Crying or Very sad ) and my time is limited.

If I can figure out what the data format is, maybe I can get some CDs from you.

Philip (has to be careful when he makes suggestions, it sounds like volunteering Wink )
Back to top
View user's profile Send private message
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Mon Jan 30, 2006 10:07 pm    Post subject: Reply with quote

Can e-mail samples n/p. I don't have time to do data mining on trinity's logfiles. Any particular timeframe interest you? Major release vs. minor release vs. whatever?

ed
Back to top
View user's profile Send private message Visit poster's website AIM Address
sardisson
Town Crier
Town Crier


Joined: Feb 01, 2004
Posts: 4588

PostPosted: Thu Mar 02, 2006 5:44 am    Post subject: Reply with quote

Spam's been on the upswing lately...I've deleted 1-2/day for about the last week just myself. I've been keeping IPs for comparison purposes, if decide to start banning random IPs.

Keep your eyes peeled, mod team Wink

Smokey

_________________
"[...] whether the duck drinks hot chocolate or coffee is irrelevant." -- ovvldc and sardisson in the NeoWiki
Back to top
View user's profile Send private message Visit poster's website
jjmckenzie51
The Anomaly


Joined: Apr 01, 2005
Posts: 1055
Location: Southeastern Arizona

PostPosted: Thu Mar 02, 2006 11:21 am    Post subject: Reply with quote

sardisson wrote:
Spam's been on the upswing lately...I've deleted 1-2/day for about the last week just myself. I've been keeping IPs for comparison purposes, if decide to start banning random IPs.

Keep your eyes peeled, mod team Wink


Since I'm in a weird mood: Ouch, it hurts when I peel my eyes.

<serious>

You must be so good at catching them, I don't. I've only seen one message in the last few weeks, and I got rid of it.

</serious>

James
Back to top
View user's profile Send private message
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Fri Mar 03, 2006 9:46 am    Post subject: Reply with quote

I think spam also increases with the relevance of the site...trinity's getting linked to a little bit more after the RSS feed was added as it's on some news aggregators and the like.

Presently the spam prevention stuff is using a fixed length delay prior to posting. The next step will be to add in one of those silly human only verification things like type the numbers you see in the picture or solve this equation. I can start doing some research into that Smile

ed
Back to top
View user's profile Send private message Visit poster's website AIM Address
sardisson
Town Crier
Town Crier


Joined: Feb 01, 2004
Posts: 4588

PostPosted: Fri Mar 03, 2006 10:18 am    Post subject: Reply with quote

OPENSTEP wrote:
The next step will be to add in one of those silly human only verification things like type the numbers you see in the picture or solve this equation. I can start doing some research into that Smile

I think the latest version of phpBB 2.x has a module for the "human verification"--I remember seeing something about it when I did a security update, but the installation I maintain doesn't allow guest posting, so I don't know for sure--not sure how hard it would be to graft onto the phpBB-nuke combo here.

Smokey

_________________
"[...] whether the duck drinks hot chocolate or coffee is irrelevant." -- ovvldc and sardisson in the NeoWiki
Back to top
View user's profile Send private message Visit poster's website
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Fri Mar 03, 2006 10:54 am    Post subject: Reply with quote

Usually grafting that stuff in isn't that bad since the verification stuff doesn't actually affect the database proper. It needs some function tweaking and the like, but shouldn't be that horrid. I backport most all of the security fixes, so I don't think it'll be a problem.

Thus far only thing I can think of would perhaps be language issues for non-English speaking posters? Hopefully the numerical verification is a bit more common now so the "please type the numbers you see below" might be a bit more unnecessary to have translated?

ed
Back to top
View user's profile Send private message Visit poster's website AIM Address
ovvldc
Captain Naiobi


Joined: Sep 13, 2004
Posts: 2352
Location: Zürich, CH

PostPosted: Mon Apr 17, 2006 2:57 am    Post subject: Reply with quote

I just threw out a porn ad posted by a guest from IP 67.183.21.16
Back to top
View user's profile Send private message
Display posts from previous:   
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    NeoOffice Forum Index -> Server Outages All times are GMT - 7 Hours
Goto page Previous  1, 2, 3, 4 ... 18, 19, 20  Next
Page 3 of 20

 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum

Powered by phpBB © 2001, 2005 phpBB Group

All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest © Planamesa Inc.
NeoOffice is a registered trademark of Planamesa Inc. and may not be used without permission.
PHP-Nuke Copyright © 2005 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.03 Seconds