<div class='quotetop'></div><div class='quotemain'>During the last few days a bot using a name FuntKlakow, has been
registering to at least hundreds (maybe thousands) of phpBB forums.
http://www.google.com/search?hl=com&q=FuntKlakow&btnG=Hae&me ta=
Bot is also capable for posting to forums:
http://forum.uebimiau.org/search.php?search_author=FuntKlako w
http://www.alternativ.ro/forum/search.php?search_author=Funt Klakow
But most on most forums the bot keeps silent.
Ok, what is a danger?
Next time the phpBB announces a critical vulnerability, the bot would
have everything ready (just a post click away) from attacking
thousands of sites/forums.
Best defence against these kinds of bot-members, might be setting up
honeypot-forums, which the search engines can find but to which there
are no permanent links from the web. When new bot-members are
detected, such would be listed at each particular forum makers
homepage.
When a bot would then try to register to a forum, the forum program
would check the user/bot inputted user-name (or other characteristics)
and if those would match to those catched by a honeypot-forums,
registerin such user detais would be eliminated ( and possible IP
banned for some time)</div>
HOLY SHIT!!
GIMPY OR FOX..please set up secrutiy measures!! We could lose this forum!
Ill try to get to the bots program code and disable it..
registering to at least hundreds (maybe thousands) of phpBB forums.
http://www.google.com/search?hl=com&q=FuntKlakow&btnG=Hae&me ta=
Bot is also capable for posting to forums:
http://forum.uebimiau.org/search.php?search_author=FuntKlako w
http://www.alternativ.ro/forum/search.php?search_author=Funt Klakow
But most on most forums the bot keeps silent.
Ok, what is a danger?
Next time the phpBB announces a critical vulnerability, the bot would
have everything ready (just a post click away) from attacking
thousands of sites/forums.
Best defence against these kinds of bot-members, might be setting up
honeypot-forums, which the search engines can find but to which there
are no permanent links from the web. When new bot-members are
detected, such would be listed at each particular forum makers
homepage.
When a bot would then try to register to a forum, the forum program
would check the user/bot inputted user-name (or other characteristics)
and if those would match to those catched by a honeypot-forums,
registerin such user detais would be eliminated ( and possible IP
banned for some time)</div>
HOLY SHIT!!
GIMPY OR FOX..please set up secrutiy measures!! We could lose this forum!
Ill try to get to the bots program code and disable it..
