Attention:

Support Rules and Guidelines
Before you post your support topic, please remember to:
  • Read the support forum rules.
  • Check the wiki and use search to see if your problem can be answered there first.
  • Link your board please, and make sure that the problem on your board is visible to guests or provide a test account.
  • Do not post Board Wrappers and CSS unless requested. With a board link, this is not necessary.
  • Be as descriptive as you can and use as many details as possible when describing your problem.
  • Please briefly mark any links to forums that may not be work-safe.
This will help ensure your support issue will be attended to in a quick and efficient manner.

Pages: (4) 1 2 3 4  ( Go to first unread post ) Add ReplyNew TopicNew Poll

 spambots?
#
Ah, ok, that's good to know then.

It's only been about the past 4 days as it is since I started actively scanning each guest's IP to see if it's in SFS. So you should be happy to know that most of all the ones you've listed there are covered. Only the very newer listings, depending on when they hit, are getting to people now.

At the end of the week I'm going to compile all of the IPs collected as well in my log with number of attempts and firewall them directly based on their aggression type. Then the week after study the list again and see if I'm noticing a larger, smaller, or list of about the same size.

signature
email: admin@jcink.com :: blog: John C.
#
Here's a new list if you're still collecting!
All from today, so they're probably new ~

5.164.231.21
5.164.244.188
5.166.215.176
95.79.129.161
109.63.162.249

thank you http://files.b1.jcink.com/html/emoticons/smile.gif

This post has been edited by jess the hufflepuff: Jan 17 2017, 04:34 PM
PM
#
Yes they are indeed. They've been already added to sfs I think I didn't check all of them. I'm not collecting IPs from individual postings anymore though as I've got my own logger but I appreciate the lists anyway!

signature
email: admin@jcink.com :: blog: John C.
#
These are from the last couple hours, I know you're not actively collecting but you did say you appreciated the lists, so I figured we'd just report.

46.148.127.76
95.79.82.33
5.164.245.37
5.164.231.21
5.164.244.188
5.166.215.176

Removing isn't bad, but these things are crazy, these few IP addresses posted approximately 12-15 posts of spam in the span of maybe 20 minutes?

Also to note: We are only seeing these excessive bot posts in our "Advertise" section and not our "guest Friendly" board even though they both have the same criteria to post (the security key).

not sure if that's helpful or not, but figured it was interesting since we haven't seen a single piece of spam in our guest friendly area.

This post has been edited by Delphi: Jan 17 2017, 05:59 PM

signature
user posted image
Brent Weeks AU // Modern Fantasy
#
well regardless of whether or not they're helpful, or you're logging them yourself, figured i'd just post all the things i gathered from SHINE anyway. some of these were even posted in forums that only members can see? so it hasn't just been guest friendly boards either. all from the last few days.


5.167.116.41
5.3.196.2
37.113.13.8
46.0.104.169
46.0.28.125
46.118.153.29
46.119.5.2
46.191.222.231
77.234.44.159
91.243.93.241
95.25.70.109
109.162.122.6
109.227.124.83
117.235.134.236
173.254.197.71
176.214.117.82
176.8.88.79
178.137.18.32
178.159.37.60
178.213.6.189
185.2.101.31
193.93.195.60
185.2.101.31
95.25.70.109
46.119.5.2
46.118.153.29
178.137.18.32
77.234.44.159
173.254.197.71
37.113.13.8
193.93.195.60
117.235.134.236
178.159.37.60
46.0.104.169
178.213.6.189
176.8.88.79
91.243.93.241
5.167.116.41
109.227.124.83
109.162.122.6
5.3.196.2
46.0.28.125
5.164.217.230
5.164.193.203
#
John

One of the spambots .... registered ???? to post ???? their garbage ???

this is a screenshot from Caution, the post has since been deleted but

how did it get past the captcha?

Here is the image
PM
#
Here is a list I have just produced after about a week's worth of logging that I started on the 11th. I have parsed and compiled them.

CODE
deny 178.159.37.60; # dnsbl logged 1/17/2017 hits: 1561
deny 185.129.62.63; # dnsbl logged 1/17/2017 hits: 478
deny 128.52.128.105; # dnsbl logged 1/17/2017 hits: 406
deny 134.249.141.24; # dnsbl logged 1/17/2017 hits: 359
deny 134.249.51.228; # dnsbl logged 1/17/2017 hits: 328
deny 46.118.153.31; # dnsbl logged 1/17/2017 hits: 312
deny 46.188.28.235; # dnsbl logged 1/17/2017 hits: 294
deny 62.210.81.52; # dnsbl logged 1/17/2017 hits: 208
deny 37.46.228.194; # dnsbl logged 1/17/2017 hits: 206
deny 163.172.209.46; # dnsbl logged 1/17/2017 hits: 197
deny 192.36.27.4; # dnsbl logged 1/17/2017 hits: 170
deny 178.137.0.54; # dnsbl logged 1/17/2017 hits: 153
deny 37.115.199.53; # dnsbl logged 1/17/2017 hits: 146
deny 192.36.27.6; # dnsbl logged 1/17/2017 hits: 139
deny 84.16.241.100; # dnsbl logged 1/17/2017 hits: 131
deny 93.182.169.139; # dnsbl logged 1/17/2017 hits: 125
deny 178.159.37.8; # dnsbl logged 1/17/2017 hits: 125
deny 83.26.51.84; # dnsbl logged 1/17/2017 hits: 117
deny 78.109.24.109; # dnsbl logged 1/17/2017 hits: 116
deny 46.109.25.167; # dnsbl logged 1/17/2017 hits: 111
deny 209.222.77.220; # dnsbl logged 1/17/2017 hits: 111
deny 171.25.193.131; # dnsbl logged 1/17/2017 hits: 109
deny 87.110.28.32; # dnsbl logged 1/17/2017 hits: 107
deny 109.162.122.6; # dnsbl logged 1/17/2017 hits: 105
deny 163.172.67.180; # dnsbl logged 1/17/2017 hits: 100
deny 46.105.100.149; # dnsbl logged 1/17/2017 hits: 100
deny 46.166.148.176; # dnsbl logged 1/17/2017 hits: 98
deny 185.38.14.171; # dnsbl logged 1/17/2017 hits: 97
deny 109.86.72.150; # dnsbl logged 1/17/2017 hits: 92
deny 185.38.14.215; # dnsbl logged 1/17/2017 hits: 92
deny 37.195.200.165; # dnsbl logged 1/17/2017 hits: 91
deny 173.254.216.66; # dnsbl logged 1/17/2017 hits: 84
deny 213.159.38.90; # dnsbl logged 1/17/2017 hits: 81
deny 212.47.253.151; # dnsbl logged 1/17/2017 hits: 81
deny 62.210.129.246; # dnsbl logged 1/17/2017 hits: 79
deny 46.165.230.5; # dnsbl logged 1/17/2017 hits: 77
deny 185.104.120.3; # dnsbl logged 1/17/2017 hits: 77
deny 192.160.102.166; # dnsbl logged 1/17/2017 hits: 76
deny 191.96.249.110; # dnsbl logged 1/17/2017 hits: 74
deny 176.10.104.243; # dnsbl logged 1/17/2017 hits: 68
deny 216.239.90.19; # dnsbl logged 1/17/2017 hits: 68
deny 176.10.104.240; # dnsbl logged 1/17/2017 hits: 67
deny 163.172.223.200; # dnsbl logged 1/17/2017 hits: 67
deny 178.76.243.0; # dnsbl logged 1/17/2017 hits: 65
deny 94.142.242.84; # dnsbl logged 1/17/2017 hits: 62
deny 65.19.167.130; # dnsbl logged 1/17/2017 hits: 62
deny 46.101.98.208; # dnsbl logged 1/17/2017 hits: 62
deny 163.172.135.18; # dnsbl logged 1/17/2017 hits: 60
deny 207.244.70.35; # dnsbl logged 1/17/2017 hits: 60
deny 185.11.180.67; # dnsbl logged 1/17/2017 hits: 60
deny 65.19.167.131; # dnsbl logged 1/17/2017 hits: 59
deny 192.160.102.164; # dnsbl logged 1/17/2017 hits: 58
deny 85.192.162.173; # dnsbl logged 1/17/2017 hits: 58
deny 80.67.172.162; # dnsbl logged 1/17/2017 hits: 58
deny 62.210.81.152; # dnsbl logged 1/17/2017 hits: 57
deny 5.35.25.103; # dnsbl logged 1/17/2017 hits: 55
deny 89.218.186.82; # dnsbl logged 1/17/2017 hits: 54
deny 46.59.107.73; # dnsbl logged 1/17/2017 hits: 53
deny 171.25.193.132; # dnsbl logged 1/17/2017 hits: 53
deny 62.102.148.67; # dnsbl logged 1/17/2017 hits: 52
deny 46.118.157.125; # dnsbl logged 1/17/2017 hits: 52
deny 93.115.95.216; # dnsbl logged 1/17/2017 hits: 51
deny 212.109.201.73; # dnsbl logged 1/17/2017 hits: 51
deny 193.171.202.150; # dnsbl logged 1/17/2017 hits: 51
deny 95.154.145.139; # dnsbl logged 1/17/2017 hits: 50
deny 37.220.35.202; # dnsbl logged 1/17/2017 hits: 50
deny 185.129.62.62; # dnsbl logged 1/17/2017 hits: 49
deny 93.115.95.202; # dnsbl logged 1/17/2017 hits: 49
deny 151.249.254.251; # dnsbl logged 1/17/2017 hits: 49
deny 93.115.95.207; # dnsbl logged 1/17/2017 hits: 48
deny 216.218.222.13; # dnsbl logged 1/17/2017 hits: 48
deny 93.115.95.201; # dnsbl logged 1/17/2017 hits: 47
deny 62.210.81.154; # dnsbl logged 1/17/2017 hits: 47
deny 163.172.191.54; # dnsbl logged 1/17/2017 hits: 47
deny 178.159.37.75; # dnsbl logged 1/17/2017 hits: 47
deny 178.32.24.192; # dnsbl logged 1/17/2017 hits: 47
deny 85.248.227.163; # dnsbl logged 1/17/2017 hits: 47
deny 178.213.191.22; # dnsbl logged 1/17/2017 hits: 46
deny 176.195.6.172; # dnsbl logged 1/17/2017 hits: 46
deny 93.115.95.204; # dnsbl logged 1/17/2017 hits: 46
deny 193.201.225.61; # dnsbl logged 1/17/2017 hits: 45
deny 51.15.53.83; # dnsbl logged 1/17/2017 hits: 45
deny 178.32.24.196; # dnsbl logged 1/17/2017 hits: 45
deny 199.87.154.255; # dnsbl logged 1/17/2017 hits: 45
deny 5.199.130.188; # dnsbl logged 1/17/2017 hits: 44
deny 109.86.72.210; # dnsbl logged 1/17/2017 hits: 44
deny 51.15.39.2; # dnsbl logged 1/17/2017 hits: 44
deny 188.163.75.38; # dnsbl logged 1/17/2017 hits: 44
deny 94.231.151.120; # dnsbl logged 1/17/2017 hits: 42
deny 185.10.68.102; # dnsbl logged 1/17/2017 hits: 42
deny 46.28.107.82; # dnsbl logged 1/17/2017 hits: 40
deny 198.50.242.32; # dnsbl logged 1/17/2017 hits: 40
deny 176.8.104.192; # dnsbl logged 1/17/2017 hits: 40
deny 185.154.13.7; # dnsbl logged 1/17/2017 hits: 40
deny 163.172.190.191; # dnsbl logged 1/17/2017 hits: 40
deny 85.93.218.204; # dnsbl logged 1/17/2017 hits: 40
deny 109.201.133.100; # dnsbl logged 1/17/2017 hits: 39
deny 93.115.95.206; # dnsbl logged 1/17/2017 hits: 39
deny 204.85.191.30; # dnsbl logged 1/17/2017 hits: 38
deny 166.70.207.2; # dnsbl logged 1/17/2017 hits: 37
deny 65.19.167.132; # dnsbl logged 1/17/2017 hits: 37
deny 163.172.173.229; # dnsbl logged 1/17/2017 hits: 36
deny 185.29.255.27; # dnsbl logged 1/17/2017 hits: 36
deny 165.231.0.242; # dnsbl logged 1/17/2017 hits: 36
deny 178.32.51.225; # dnsbl logged 1/17/2017 hits: 36
deny 163.172.129.17; # dnsbl logged 1/17/2017 hits: 36
deny 46.166.148.177; # dnsbl logged 1/17/2017 hits: 35
deny 193.90.12.86; # dnsbl logged 1/17/2017 hits: 35
deny 51.15.36.187; # dnsbl logged 1/17/2017 hits: 35
deny 199.87.154.251; # dnsbl logged 1/17/2017 hits: 34
deny 64.113.32.29; # dnsbl logged 1/17/2017 hits: 34
deny 178.137.167.157; # dnsbl logged 1/17/2017 hits: 34
deny 195.154.122.54; # dnsbl logged 1/17/2017 hits: 33
deny 51.15.57.90; # dnsbl logged 1/17/2017 hits: 33
deny 163.172.170.212; # dnsbl logged 1/17/2017 hits: 33
deny 164.132.51.91; # dnsbl logged 1/17/2017 hits: 33
deny 46.166.148.143; # dnsbl logged 1/17/2017 hits: 33
deny 163.172.157.153; # dnsbl logged 1/17/2017 hits: 33
deny 51.15.43.205; # dnsbl logged 1/17/2017 hits: 33
deny 92.222.103.232; # dnsbl logged 1/17/2017 hits: 32
deny 89.144.12.15; # dnsbl logged 1/17/2017 hits: 32
deny 62.210.105.116; # dnsbl logged 1/17/2017 hits: 32
deny 164.132.104.166; # dnsbl logged 1/17/2017 hits: 31
deny 91.219.237.244; # dnsbl logged 1/17/2017 hits: 31
deny 85.248.227.164; # dnsbl logged 1/17/2017 hits: 31
deny 85.248.227.165; # dnsbl logged 1/17/2017 hits: 31
deny 91.205.239.219; # dnsbl logged 1/17/2017 hits: 30
deny 199.127.226.150; # dnsbl logged 1/17/2017 hits: 30
deny 174.57.158.160; # dnsbl logged 1/17/2017 hits: 30
deny 79.124.59.198; # dnsbl logged 1/17/2017 hits: 30
deny 149.202.98.160; # dnsbl logged 1/17/2017 hits: 30
deny 93.77.96.97; # dnsbl logged 1/17/2017 hits: 30
deny 178.20.55.16; # dnsbl logged 1/17/2017 hits: 29
deny 193.90.12.87; # dnsbl logged 1/17/2017 hits: 29
deny 46.166.148.152; # dnsbl logged 1/17/2017 hits: 29
deny 178.137.132.254; # dnsbl logged 1/17/2017 hits: 29
deny 176.120.255.15; # dnsbl logged 1/17/2017 hits: 28
deny 45.79.85.112; # dnsbl logged 1/17/2017 hits: 28
deny 69.30.215.94; # dnsbl logged 1/17/2017 hits: 27
deny 185.117.215.9; # dnsbl logged 1/17/2017 hits: 27
deny 151.80.238.152; # dnsbl logged 1/17/2017 hits: 27
deny 46.101.127.145; # dnsbl logged 1/17/2017 hits: 27
deny 79.124.59.202; # dnsbl logged 1/17/2017 hits: 26
deny 217.170.201.106; # dnsbl logged 1/17/2017 hits: 26
deny 51.15.47.106; # dnsbl logged 1/17/2017 hits: 26
deny 217.115.10.131; # dnsbl logged 1/17/2017 hits: 26
deny 37.48.80.101; # dnsbl logged 1/17/2017 hits: 26
deny 198.50.200.141; # dnsbl logged 1/17/2017 hits: 25
deny 195.123.209.184; # dnsbl logged 1/17/2017 hits: 25
deny 92.222.81.196; # dnsbl logged 1/17/2017 hits: 24
deny 46.166.148.142; # dnsbl logged 1/17/2017 hits: 24
deny 37.139.184.16; # dnsbl logged 1/17/2017 hits: 24
deny 185.100.87.186; # dnsbl logged 1/17/2017 hits: 23
deny 213.32.91.89; # dnsbl logged 1/17/2017 hits: 23
deny 95.161.239.151; # dnsbl logged 1/17/2017 hits: 23
deny 185.31.161.102; # dnsbl logged 1/17/2017 hits: 23
deny 209.222.77.221; # dnsbl logged 1/17/2017 hits: 23
deny 93.184.66.227; # dnsbl logged 1/17/2017 hits: 23
deny 149.202.98.161; # dnsbl logged 1/17/2017 hits: 23
deny 5.196.66.162; # dnsbl logged 1/17/2017 hits: 23
deny 144.217.161.119; # dnsbl logged 1/17/2017 hits: 23
deny 142.4.206.241; # dnsbl logged 1/17/2017 hits: 22
deny 51.254.23.231; # dnsbl logged 1/17/2017 hits: 22
deny 46.182.18.214; # dnsbl logged 1/17/2017 hits: 22
deny 81.162.228.42; # dnsbl logged 1/17/2017 hits: 22
deny 51.255.202.66; # dnsbl logged 1/17/2017 hits: 22
deny 216.218.222.10; # dnsbl logged 1/17/2017 hits: 22
deny 91.219.237.229; # dnsbl logged 1/17/2017 hits: 22
deny 149.56.229.17; # dnsbl logged 1/17/2017 hits: 22
deny 198.105.213.213; # dnsbl logged 1/17/2017 hits: 21
deny 198.50.200.134; # dnsbl logged 1/17/2017 hits: 21
deny 171.25.193.25; # dnsbl logged 1/17/2017 hits: 21
deny 176.214.117.82; # dnsbl logged 1/17/2017 hits: 21
deny 62.141.35.91; # dnsbl logged 1/17/2017 hits: 21
deny 46.182.18.29; # dnsbl logged 1/17/2017 hits: 21
deny 46.183.218.199; # dnsbl logged 1/17/2017 hits: 21
deny 94.26.140.150; # dnsbl logged 1/17/2017 hits: 21
deny 64.137.184.36; # dnsbl logged 1/17/2017 hits: 21
deny 91.138.253.244; # dnsbl logged 1/17/2017 hits: 21
deny 51.254.115.27; # dnsbl logged 1/17/2017 hits: 21
deny 198.50.200.135; # dnsbl logged 1/17/2017 hits: 20
deny 95.65.45.111; # dnsbl logged 1/17/2017 hits: 20
deny 158.130.0.242; # dnsbl logged 1/17/2017 hits: 20
deny 51.255.33.0; # dnsbl logged 1/17/2017 hits: 20
deny 5.2.75.199; # dnsbl logged 1/17/2017 hits: 19
deny 91.219.236.222; # dnsbl logged 1/17/2017 hits: 19
deny 37.139.8.104; # dnsbl logged 1/17/2017 hits: 19
deny 91.213.8.236; # dnsbl logged 1/17/2017 hits: 19
deny 31.31.74.69; # dnsbl logged 1/17/2017 hits: 18
deny 149.56.223.241; # dnsbl logged 1/17/2017 hits: 18
deny 176.31.180.157; # dnsbl logged 1/17/2017 hits: 18
deny 146.185.177.103; # dnsbl logged 1/17/2017 hits: 18
deny 87.118.116.90; # dnsbl logged 1/17/2017 hits: 18
deny 162.247.72.201; # dnsbl logged 1/17/2017 hits: 18
deny 193.90.12.90; # dnsbl logged 1/17/2017 hits: 18
deny 37.233.99.157; # dnsbl logged 1/17/2017 hits: 18
deny 216.218.222.12; # dnsbl logged 1/17/2017 hits: 18
deny 198.96.155.3; # dnsbl logged 1/17/2017 hits: 18
deny 108.175.11.230; # dnsbl logged 1/17/2017 hits: 18
deny 162.247.73.204; # dnsbl logged 1/17/2017 hits: 17
deny 176.102.32.243; # dnsbl logged 1/17/2017 hits: 17
deny 176.123.26.92; # dnsbl logged 1/17/2017 hits: 17
deny 176.213.249.225; # dnsbl logged 1/17/2017 hits: 17
deny 178.17.170.179; # dnsbl logged 1/17/2017 hits: 17
deny 146.185.163.44; # dnsbl logged 1/17/2017 hits: 17
deny 31.41.219.228; # dnsbl logged 1/17/2017 hits: 17
deny 91.219.236.136; # dnsbl logged 1/17/2017 hits: 17
deny 193.90.12.88; # dnsbl logged 1/17/2017 hits: 17
deny 151.80.38.67; # dnsbl logged 1/17/2017 hits: 17
deny 46.39.54.229; # dnsbl logged 1/17/2017 hits: 17
deny 62.212.73.141; # dnsbl logged 1/17/2017 hits: 17
deny 163.172.151.47; # dnsbl logged 1/17/2017 hits: 17
deny 163.172.136.101; # dnsbl logged 1/17/2017 hits: 16
deny 193.90.12.89; # dnsbl logged 1/17/2017 hits: 16
deny 185.14.29.129; # dnsbl logged 1/17/2017 hits: 16
deny 89.223.27.241; # dnsbl logged 1/17/2017 hits: 16
deny 62.80.200.190; # dnsbl logged 1/17/2017 hits: 16
deny 94.242.55.220; # dnsbl logged 1/17/2017 hits: 16
deny 194.88.143.66; # dnsbl logged 1/17/2017 hits: 16
deny 195.154.7.245; # dnsbl logged 1/17/2017 hits: 16
deny 91.134.232.48; # dnsbl logged 1/17/2017 hits: 16
deny 79.172.193.32; # dnsbl logged 1/17/2017 hits: 16
deny 185.100.87.241; # dnsbl logged 1/17/2017 hits: 16
deny 149.56.229.16; # dnsbl logged 1/17/2017 hits: 16
deny 185.31.162.245; # dnsbl logged 1/17/2017 hits: 16
deny 92.222.84.136; # dnsbl logged 1/17/2017 hits: 16
deny 91.213.8.84; # dnsbl logged 1/17/2017 hits: 16
deny 91.121.77.37; # dnsbl logged 1/17/2017 hits: 15
deny 173.208.213.114; # dnsbl logged 1/17/2017 hits: 15
deny 167.114.89.195; # dnsbl logged 1/17/2017 hits: 15
deny 51.15.58.152; # dnsbl logged 1/17/2017 hits: 15
deny 217.115.10.132; # dnsbl logged 1/17/2017 hits: 15
deny 109.86.72.163; # dnsbl logged 1/17/2017 hits: 15
deny 51.15.46.217; # dnsbl logged 1/17/2017 hits: 15
deny 162.247.72.27; # dnsbl logged 1/17/2017 hits: 15
deny 45.62.246.91; # dnsbl logged 1/17/2017 hits: 15
deny 46.29.248.238; # dnsbl logged 1/17/2017 hits: 14
deny 89.248.166.157; # dnsbl logged 1/17/2017 hits: 14
deny 162.247.72.7; # dnsbl logged 1/17/2017 hits: 14
deny 46.183.221.231; # dnsbl logged 1/17/2017 hits: 14
deny 95.153.32.10; # dnsbl logged 1/17/2017 hits: 14
deny 185.100.86.100; # dnsbl logged 1/17/2017 hits: 14
deny 212.47.246.21; # dnsbl logged 1/17/2017 hits: 14
deny 163.172.137.174; # dnsbl logged 1/17/2017 hits: 14
deny 198.100.148.112; # dnsbl logged 1/17/2017 hits: 14
deny 5.2.75.25; # dnsbl logged 1/17/2017 hits: 14
deny 217.12.199.87; # dnsbl logged 1/17/2017 hits: 14
deny 94.242.57.198; # dnsbl logged 1/17/2017 hits: 14
deny 77.109.139.87; # dnsbl logged 1/17/2017 hits: 13
deny 5.196.1.129; # dnsbl logged 1/17/2017 hits: 13
deny 137.74.169.241; # dnsbl logged 1/17/2017 hits: 13
deny 185.154.13.103; # dnsbl logged 1/17/2017 hits: 13
deny 87.118.115.176; # dnsbl logged 1/17/2017 hits: 13
deny 185.29.8.211; # dnsbl logged 1/17/2017 hits: 13
deny 178.17.170.212; # dnsbl logged 1/17/2017 hits: 12
deny 77.121.194.65; # dnsbl logged 1/17/2017 hits: 12
deny 159.203.11.12; # dnsbl logged 1/17/2017 hits: 12
deny 162.247.72.199; # dnsbl logged 1/17/2017 hits: 12
deny 178.17.170.27; # dnsbl logged 1/17/2017 hits: 12
deny 64.137.201.90; # dnsbl logged 1/17/2017 hits: 12
deny 83.143.245.68; # dnsbl logged 1/17/2017 hits: 12
deny 162.247.72.213; # dnsbl logged 1/17/2017 hits: 12
deny 195.228.45.176; # dnsbl logged 1/17/2017 hits: 12
deny 162.247.73.74; # dnsbl logged 1/17/2017 hits: 12
deny 167.114.230.104; # dnsbl logged 1/17/2017 hits: 11
deny 93.174.93.133; # dnsbl logged 1/17/2017 hits: 11
deny 176.195.89.31; # dnsbl logged 1/17/2017 hits: 11
deny 199.254.238.44; # dnsbl logged 1/17/2017 hits: 11
deny 97.74.237.196; # dnsbl logged 1/17/2017 hits: 11
deny 193.169.135.133; # dnsbl logged 1/17/2017 hits: 11
deny 46.182.19.219; # dnsbl logged 1/17/2017 hits: 11
deny 163.172.217.50; # dnsbl logged 1/17/2017 hits: 11
deny 92.222.6.12; # dnsbl logged 1/17/2017 hits: 11
deny 113.18.193.4; # dnsbl logged 1/17/2017 hits: 11
deny 64.27.17.140; # dnsbl logged 1/17/2017 hits: 11
deny 91.76.1.131; # dnsbl logged 1/17/2017 hits: 11
deny 178.175.131.194; # dnsbl logged 1/17/2017 hits: 11
deny 109.227.124.83; # dnsbl logged 1/17/2017 hits: 11
deny 64.137.210.97; # dnsbl logged 1/17/2017 hits: 11
deny 93.158.215.99; # dnsbl logged 1/17/2017 hits: 10
deny 87.118.122.51; # dnsbl logged 1/17/2017 hits: 10
deny 162.243.215.7; # dnsbl logged 1/17/2017 hits: 10
deny 162.243.166.137; # dnsbl logged 1/17/2017 hits: 10
deny 178.17.170.164; # dnsbl logged 1/17/2017 hits: 10
deny 87.98.152.151; # dnsbl logged 1/17/2017 hits: 10
deny 212.112.118.198; # dnsbl logged 1/17/2017 hits: 10
deny 113.18.193.7; # dnsbl logged 1/17/2017 hits: 10
deny 176.104.53.131; # dnsbl logged 1/17/2017 hits: 10
deny 173.79.162.220; # dnsbl logged 1/17/2017 hits: 10
deny 209.249.180.198; # dnsbl logged 1/17/2017 hits: 10
deny 91.121.87.126; # dnsbl logged 1/17/2017 hits: 10
deny 93.158.216.52; # dnsbl logged 1/17/2017 hits: 10
deny 51.15.40.233; # dnsbl logged 1/17/2017 hits: 10
deny 64.137.212.84; # dnsbl logged 1/17/2017 hits: 9
deny 23.82.104.14; # dnsbl logged 1/17/2017 hits: 9
deny 185.156.173.239; # dnsbl logged 1/17/2017 hits: 9
deny 113.18.193.5; # dnsbl logged 1/17/2017 hits: 9
deny 188.126.81.155; # dnsbl logged 1/17/2017 hits: 9
deny 113.18.193.6; # dnsbl logged 1/17/2017 hits: 9
deny 176.194.153.244; # dnsbl logged 1/17/2017 hits: 9
deny 94.242.55.221; # dnsbl logged 1/17/2017 hits: 9
deny 89.74.29.182; # dnsbl logged 1/17/2017 hits: 9
deny 67.205.146.164; # dnsbl logged 1/17/2017 hits: 9
deny 80.240.139.111; # dnsbl logged 1/17/2017 hits: 9
deny 31.185.104.19; # dnsbl logged 1/17/2017 hits: 9
deny 198.50.231.22; # dnsbl logged 1/17/2017 hits: 9
deny 64.137.244.96; # dnsbl logged 1/17/2017 hits: 9
deny 162.247.72.202; # dnsbl logged 1/17/2017 hits: 9
deny 192.36.27.7; # dnsbl logged 1/17/2017 hits: 9
deny 185.72.244.24; # dnsbl logged 1/17/2017 hits: 9
deny 84.53.232.154; # dnsbl logged 1/17/2017 hits: 9
deny 178.17.173.22; # dnsbl logged 1/17/2017 hits: 9
deny 188.123.59.177; # dnsbl logged 1/17/2017 hits: 8
deny 108.61.122.88; # dnsbl logged 1/17/2017 hits: 8
deny 212.83.40.238; # dnsbl logged 1/17/2017 hits: 8
deny 107.182.131.117; # dnsbl logged 1/17/2017 hits: 8
deny 69.162.139.9; # dnsbl logged 1/17/2017 hits: 8
deny 208.12.64.252; # dnsbl logged 1/17/2017 hits: 8
deny 209.133.66.214; # dnsbl logged 1/17/2017 hits: 8
deny 87.118.122.50; # dnsbl logged 1/17/2017 hits: 8
deny 216.230.148.77; # dnsbl logged 1/17/2017 hits: 8
deny 87.118.122.30; # dnsbl logged 1/17/2017 hits: 7
deny 120.52.73.97; # dnsbl logged 1/17/2017 hits: 7
deny 185.29.8.132; # dnsbl logged 1/17/2017 hits: 7
deny 91.213.8.235; # dnsbl logged 1/17/2017 hits: 7
deny 185.16.200.176; # dnsbl logged 1/17/2017 hits: 7
deny 23.82.104.9; # dnsbl logged 1/17/2017 hits: 7
deny 89.38.208.57; # dnsbl logged 1/17/2017 hits: 7
deny 46.166.162.53; # dnsbl logged 1/17/2017 hits: 7
deny 89.187.144.122; # dnsbl logged 1/17/2017 hits: 7
deny 64.124.32.84; # dnsbl logged 1/17/2017 hits: 7
deny 176.58.100.98; # dnsbl logged 1/17/2017 hits: 7
deny 198.58.100.240; # dnsbl logged 1/17/2017 hits: 7
deny 95.130.11.155; # dnsbl logged 1/17/2017 hits: 7
deny 5.18.69.4; # dnsbl logged 1/17/2017 hits: 7
deny 178.17.174.32; # dnsbl logged 1/17/2017 hits: 7
deny 162.247.72.217; # dnsbl logged 1/17/2017 hits: 7
deny 145.255.2.2; # dnsbl logged 1/17/2017 hits: 6
deny 88.80.7.5; # dnsbl logged 1/17/2017 hits: 6
deny 179.43.169.2; # dnsbl logged 1/17/2017 hits: 6
deny 89.45.226.28; # dnsbl logged 1/17/2017 hits: 6
deny 178.17.174.10; # dnsbl logged 1/17/2017 hits: 6
deny 95.130.10.216; # dnsbl logged 1/17/2017 hits: 6
deny 204.17.56.42; # dnsbl logged 1/17/2017 hits: 6
deny 212.83.40.239; # dnsbl logged 1/17/2017 hits: 6
deny 94.23.173.249; # dnsbl logged 1/17/2017 hits: 6
deny 195.9.208.71; # dnsbl logged 1/17/2017 hits: 6
deny 31.185.104.20; # dnsbl logged 1/17/2017 hits: 6
deny 87.118.92.43; # dnsbl logged 1/17/2017 hits: 6
deny 199.68.196.124; # dnsbl logged 1/17/2017 hits: 6
deny 192.195.80.10; # dnsbl logged 1/17/2017 hits: 6
deny 185.100.85.61; # dnsbl logged 1/17/2017 hits: 6
deny 198.167.223.38; # dnsbl logged 1/17/2017 hits: 6
deny 95.142.161.63; # dnsbl logged 1/17/2017 hits: 6
deny 204.194.29.4; # dnsbl logged 1/17/2017 hits: 6
deny 204.8.156.142; # dnsbl logged 1/17/2017 hits: 6
deny 104.236.141.156; # dnsbl logged 1/17/2017 hits: 6
deny 193.110.157.151; # dnsbl logged 1/17/2017 hits: 6
deny 185.100.84.82; # dnsbl logged 1/17/2017 hits: 6
deny 62.141.55.117; # dnsbl logged 1/17/2017 hits: 6
deny 162.247.72.216; # dnsbl logged 1/17/2017 hits: 5
deny 208.123.223.254; # dnsbl logged 1/17/2017 hits: 5
deny 178.17.171.40; # dnsbl logged 1/17/2017 hits: 5
deny 209.141.46.75; # dnsbl logged 1/17/2017 hits: 5
deny 139.162.144.133; # dnsbl logged 1/17/2017 hits: 5
deny 173.242.119.37; # dnsbl logged 1/17/2017 hits: 5
deny 85.143.210.233; # dnsbl logged 1/17/2017 hits: 5
deny 64.137.243.67; # dnsbl logged 1/17/2017 hits: 5
deny 176.100.111.30; # dnsbl logged 1/17/2017 hits: 5
deny 185.100.86.110; # dnsbl logged 1/17/2017 hits: 5
deny 209.66.119.150; # dnsbl logged 1/17/2017 hits: 5
deny 5.189.188.111; # dnsbl logged 1/17/2017 hits: 5
deny 185.104.120.2; # dnsbl logged 1/17/2017 hits: 5
deny 185.100.86.199; # dnsbl logged 1/17/2017 hits: 5
deny 149.91.89.218; # dnsbl logged 1/17/2017 hits: 5
deny 46.166.148.155; # dnsbl logged 1/17/2017 hits: 5
deny 46.105.81.214; # dnsbl logged 1/17/2017 hits: 5
deny 91.207.7.2; # dnsbl logged 1/17/2017 hits: 5
deny 58.217.195.141; # dnsbl logged 1/17/2017 hits: 5
deny 178.137.167.137; # dnsbl logged 1/17/2017 hits: 5
deny 209.249.157.69; # dnsbl logged 1/17/2017 hits: 5
deny 159.203.15.136; # dnsbl logged 1/17/2017 hits: 5
deny 113.18.193.3; # dnsbl logged 1/17/2017 hits: 5
deny 87.98.178.61; # dnsbl logged 1/17/2017 hits: 5
deny 46.38.48.12; # dnsbl logged 1/17/2017 hits: 5
deny 91.134.232.49; # dnsbl logged 1/17/2017 hits: 5
deny 204.11.50.131; # dnsbl logged 1/17/2017 hits: 5


These have all been firewalled directly now and I'll be collecting a new list. Should you have been hit in the past by any of these IPs above you will no longer be hit by them as of today. This list comes from 15,000 failed attempts because of being spam listed. In addition some subnets that I have elected to block are not shown there as well and are taken care of.

signature
email: admin@jcink.com :: blog: John C.
#
QUOTE (xo Lola @ Jan 17 2017, 10:50 PM)
John

One of the spambots .... registered ???? to post ???? their garbage ???

this is a screenshot from Caution, the post has since been deleted but

how did it get past the captcha?

Here is the image


broken captcha.

we don't use a particularly strong captcha to begin with, because they are very annoying and it hasn't been necessary, perhaps until now. I may try reCaptcha because they've got the little checkbox feature now, but reCaptcha isn't that great either.

I'm exploring new options even if they will temporarily throw them off for a while.

signature
email: admin@jcink.com :: blog: John C.
#
hi me again!

just one this time:
83.7.72.143
PM
#
I've got IP addresses from two sites that have been hit in the past two days - I've checked and they're not on the list above, so I hope this is helpful!

5.3.214.227
5.3.208.196
83.7.106.53
95.79.135.86
PM
#
I have installed recaptcha checkbox as a trial.

I am logging both failed attempts and successful attempts, so we will see what the results are.

It is significantly more annoying though because the more you post, the more it will force you to do activities such as pick out what images are similar, etc but there is nothing I can do about that for the moment.

signature
email: admin@jcink.com :: blog: John C.
#
Seeing really good success in the last 12 hours, here is just a clip of everything that was blocked by reCaptcha

QUOTE
188.163.73.42 == Topic Title: [Производство сварных балок любой сложности. Изготовление сварных балок по ГОСТ и СТО]
-- 212.159.91.21 == Topic Title: [Grown up position]
-- 188.163.73.42 == Topic Title: [Производство сварных балок любой сложности. Изготовление сварных балок по ГОСТ и СТО]
-- 5.164.178.248 == Topic Title: [Podskali where to buy a new iPhone? I can not find in Moscow ...]
_ -- 5.164.198.102 == Topic Title: [Form cheaply products no remedy]
_ -- 155.4.212.181 == Topic Title: [Бесплатные секс и порно фото галереи]
_ -- 5.164.178.248 == Topic Title: [The original idea. I wonder how much time he spent on it]
_ -- 83.22.119.144 == Topic Title: [Test, just a test]
-- 5.164.198.102 == Topic Title: [Form cheap products no instruction]
_ -- 139.59.158.210 == Topic Title: [  Pictures from collective networks ]
-- 31.19.158.50 == Topic Title: [Ряд порно фото для взрослых]
-- 163.172.209.74 == Topic Title: [Sexual pictures]
-- 163.172.209.74 == Topic Title: [New Protrude]
-- 188.163.73.42 == Topic Title: [Резка листового металла по низким ценам. Дёшево, качественно и в срок]
-- 188.163.73.42 == Topic Title: [Производство сварных балок любой сложности. Изготовление сварных балок по ГОСТ и СТО]
-- 94.136.203.193 == Topic Title: [Whither Free Watch Star Wars: Episode VIII (2017) Without Paying Part 1 720px?!!]
-- 37.229.197.94 == Topic Title: [Tinedol – эффективное средство от грибка]
-- 213.32.55.247 == Topic Title: [Free galleries]
-- 176.120.254.130 == Topic Title: [Investment projects]
-- 88.150.148.27 == Topic Title: [  Grown up galleries  ]
_ -- 72.65.231.150 == Topic Title: [A  Walk Among the Tombstones ]
_ -- 37.229.197.94 == Topic Title: [Tinedol – эффективное средство от грибка]
-- 188.163.73.42 == Topic Title: [Производство сварных балок любой сложности. Изготовление сварных балок по ГОСТ и СТО]
-- 188.163.73.42 == Topic Title: [Резка листового металла по низким ценам. Дёшево, качественно и в срок]
-- 87.118.110.233 == Topic Title: [   Free galleries  ]
-- 188.163.73.42 == Topic Title: [Изготов]
-- 37.229.197.94 == Topic Title: [Tinedol]
-- 188.163.73.42 == Topic Title: [Строите]
_ -- 94.102.50.42 == Topic Title: [Callow Job]
-- 37.229.197.94 == Topic Title: [Tinedol]
_ -- 188.163.73.42 == Topic Title: [Строительство быстровозводимых зданий и ангаров из металлоконструкций с применением сэндвич панелей на основе быстровозводимых конструкций от компании]
-- 213.108.105.71 == Topic Title: [Adult site]
-- 188.163.73.42 == Topic Title: [Услуги металлообработки на заказ по низким ценам от компании]
-- 89.109.224.213 == Topic Title: [  Adult galleries  ]
-- 51.15.55.140 == Topic Title: [My new website]
-- 139.59.158.210 == Topic Title: [Experimental Poke out]
-- 213.32.55.247 == Topic Title: [Mature galleries]
-- 62.210.254.201 == Topic Title: [Порно фото - уставиться онлайн безмездно]
-- 75.70.55.86 == Topic Title: [Southern Winds Weyr]
-- 31.19.158.50 == Topic Title: [Бесплатная эротика и секс фото галереи]


I'm also keeping track of guest captcha success, and at this time out of the hundreds of guest postings I'm not seeing a single one that is spam.

DNSBLs are also updating more frequently.

I will probably build reCaptcha into the registration system next if this continues to work out.

signature
email: admin@jcink.com :: blog: John C.
#
Seeing -really- good results here with everything I've done.

How about everyone else? Anything at all yesterday or today?

signature
email: admin@jcink.com :: blog: John C.
#
I think there are two ways it could be prevented:

* Auto IP-ban any user that directly hits the register page on their first visit to the site. Spammers tend to hit straight onto the register page with either no referrer or a junk referrer from a spam site, I've seen a few hit the index beforehand but they rarely do so. Real users 99% of the time see the index page or a thread before registering.

* Implement the StopForumSpam API into the register and login page, and IP ban any matches.

I've dealt with these bots before on XMB and MyBB boards, by the way. They use some kind of tool like XRumer or Scrapebox to spam from multiple IPs from a VPS.

As well, forum admins, implement a good security question! Something like "What is 4 + 18 -7" would be easily solvable, whereas asking questions about the forum itself would be less obvious, but spammers would be destroyed.

This post has been edited by microneppy: Jan 22 2017, 08:42 AM
#
QUOTE
* Auto IP-ban any user that directly hits the register page on their first visit to the site. Spammers tend to hit straight onto the register page with either no referrer or a junk referrer from a spam site, I've seen a few hit the index beforehand but they rarely do so. Real users 99% of the time see the index page or a thread before registering.


Then these are the exception. They're not going for the register page at all in my logs, they hit the index, then the bot scans for guest forums. I think they look for keywords such as "Advertise" and wiggle their way in. Their referrers are clean too. We already do quite a bit on the backend to check for patterns as well that I won't mention here in case these guys are reading this board.

QUOTE
* Implement the StopForumSpam API into the register and login page, and IP ban any matches.


Already being done for years, I love SFS and they do a great job. We can't use their API specifically because of too many requests but their database is dl'd and run on one of my servers for our high-use only. http://files.b1.jcink.com/html/emoticons/smile.gif

We have always used SFS for the registration page. Login page is too aggressive. But the focus has been on guests only -- now we are scanning every guest IP and that's going well too.

The problem with SFS now though, is that it's very effective... but not in this instance. SFS is missing -many- of these IP addresses, just by a few hours in some cases. These guys are getting fresh addresses and dumping them very quickly.

Xrumer has been a pain in my ass for... years, but I've been able to thwart them with my own funky captcha and SFS. It looks like that will no longer be an option

I'm thinking they did yet another revision to the software. But these guys cannot get past this reCaptcha at the security level I have set now, and thankfully google had made it possible to implement reCaptcha a lot easier in a service like ours with tons of subdomains and domains, so it couldn't have happened at a better time. I never liked reCaptcha because it was not that great and the "captchas" could be purchased for pennies on the dollar. Things have changed quite a bit...

QUOTE
As well, forum admins, implement a good security question! Something like "What is 4 + 18 -7" would be easily solvable, whereas asking questions about the forum itself would be less obvious, but spammers would be destroyed.


They can't do this since it isn't an option on our service, BUT, since the current captcha is finally dead I will be replacing it with this option as I know exactly what you mean.

signature
email: admin@jcink.com :: blog: John C.
0 User(s) are reading this topic (0 Guests and 0 Anonymous Users)
0 Members:
Share this topic:
« Next Oldest | General Support | Next Newest »

OptionsPages: (4) 1 2 3 4  Add ReplyNew TopicNew Poll