OK, now that we know we have a problem does anybody have any ideas how we can stop this happening again? Theres some pretty smart guys on this site, we should be able to work out something. Maybe do a google on forum security, etc and see what other forums have done?
Andrew
Don't think that there's much that can be done other than to filter certain words. Newsgroups come under attack all the time and untill someone puts in an appearance and you can gain an identity, then, and only then do you have the option of protecting against that identitity, although by that time, he's already done some damage. He can of course, change his identity and re-offend.
I may be wrong, but I think we're simply wide open to it, especially when there's conflict.
kev
Remember that failure is an event - not a person.
Enable flood posting control might slow him down,
I am a mod on a US site that was constantly attacked.
The end defence was to have a mod on duty 24 hours a day and to gather ISP info on offending posters and report them immediately.
This ended up having a few folks lose there accounts with their ISP.
Some sites took extreme action to counter offenders but that is a different story.
not alot you can do, happens all the time, on a car forum im a member of we get random replies to posts with links to gambling and spam sites in them, just delete them and move on. Just be glad we havent been targetted by any "hardcore" hackers, groups of people who's sole aim is to completley hack websites, ive seen a few forums after they have been hacked, not a pretty site (pun intended)
Yeah, I think what Karana wrote is the best bet. Get the ISP and report it to them and that should get them dumped. They may get a new ISP and do it again but at least it slows it down. The police may be able to help as they posted obscene material to MINORS! >>
Whoever did it could be in a world of trouble.
There are CHILDREN who visit here whoever you are! >
Your childish stunt may have offended or angered the adults here, but it HURT any little KID who saw it! Hope you're happy!
NOT COOL!
There are better things to do with your time than attacking a family-oriented web-site! Take up kite flying!
"When we remember we are all mad, the mysteries disappear and life stands explained.-- Mark Twain"
I must have missed something , maybe an explanation for all to read from a moderator.
Cheers
Barry
Take photos and memories leave only footprints, respect the enviroment when 4 wheel driving , never be too busy to help out someone in need.
Welcome to the internet ladies & gentleman...
Unfortunately there's not too much that can be done about it... IP banning works but also has some bad sides as well. 95% of you have an account (Not including work accounts) with "roaming" IP addresses. That means you log on today, and you might have 1.1.1.1 and tomorrow you log on and get 1.1.1.6
Now ISP's have a range of IP Addresses (IP Pool) that you get a number from. It could be any number within that range...
If another Ausfish member uses the same ISP, then they may get the same IP address you had 3 days ago today. This poses the issue then that if you get IP Banned with the IP address you had (1.1.1.1), then the next time you login to the internet, you could access it again. However, another member who has not been banned ends up with the banned IP address, and cannot get onto Ausfish.
This has apparently happened before where a users IP adress was tracked down, and another user had it when they logged on and got blamed. (I don't know the whole story, so am only going on second hand knowledge here - I believe Lucky_Phil knows the details).
I agree we need to try to "lock down" ausfish a little to stop this spamming, but unfortunately when you are a high traffic website, you are going to be targeted by everyone out there wanting to hackOne option may be to limit the amount of posts you can post in a minute? However this is going to upset people like me and Kev who are post whores when we're on
Having slept on the problem my solution would be to hide the fact that Mods and steve are on line.. The first thing i did when i saw the attack was to see who was oline to solve the problem. No one was, and maybe thats why the attack took place then as the attacker knew that all the mods were offline.
Ian
Alcohol doesn't agree with me, but i sure do enjoy the argument!!!
Instead of hiding the mods in whos online, we could have them look like they are always on? But I dont think the attacker cared, I think it was automated.See thread on 'I got a virus' and this type of porn flood posting is a KNOWN ISSUE.
Perhaps flood posting control is a good idea. Id have no objections to being allowed one post per 3 minutes? This attacker was posting every 20 secs.
Bad luck to the dude who clicked on the link and got the virus. Why would you click on that link and then own up to it? OOOOOps....
Andrew
It sure was fast!!!!Originally Posted by the gecko
Instead of hiding the mods in whos online, we could have them look like they are always on? But I dont think the attacker cared, I think it was automated.See thread on 'I got a virus' and this type of porn flood posting is a KNOWN ISSUE.
Perhaps flood posting control is a good idea. Id have no objections to being allowed one post per 3 minutes? This attacker was posting every 20 secs.
Bad luck to the dude who clicked on the link and got the virus. Why would you click on that link and then own up to it? OOOOOps....
Andrew
Alcohol doesn't agree with me, but i sure do enjoy the argument!!!
Without knowing how Steve has Ausfish configured we are just speculating, but there are flood limiting features and also referral blocking features which MAY help.
I'm confident he'll be on top of it quickly.
I didn't see the post(s). I always miss all the controversial stuff!
I'd guess they downloaded the form and ran a script.
There is a way to stop it, but I don't think it is available currently in YaBB.
It would require each poster to have to enter a number which appears on the screen for each and every post.
You will have seen it when you signed up.
Bots can't read it, because it's contained in an image. It would be a MAJOR re-write to implement though I'd think.
cheers,
Owen
Cheers,
Owen
The whole world's mad save thee & me (but I'm not too sure about thee)
on another forum i go to there is a button on every post near the quote one that says report
i dont think the mods are always on but they pop up pretty quick
maybe it sends a txt to their phone
dunno
That's a good idea LucyL.
After all, the one I had to tolerate, attracted over 300 views before it was deleted. I really think I am a good sport about most things but....... shut up and stop whinging roz!!
Yep, I agree, some backup in certain situations.
Perhaps and extra mod or three, who's only role would be to simply delete offensive material and nothing else, not offer opinions etc etc....
GO THE CRUISER UTES!
....OH WHAT A FEELING!
i was thinking of changing my name to KOD (kiss of death)
because once i say something the topic ends
see
Posting Permissions
Reply With Quote
