OOTP Developments Forums - View Single Post

satchel · 03-19-2009, 04:14 PM

After a week with this new system, I am pleased.

My problem never was with getting spammed. My forum got spammed a few times, but it was all concentrated in a limited amount of time; I think there was a period of about three days in which my forum had some bogus registrations, and some resulting spam posts.

The thing I don't like is hacker 'bots crawling all over my site all the time. It used to be constant. For example, I'd always have numerous "guests" on my forum, and when I researched their IP addresses, 90% of the time, the "guests" were originating from hives of hacker activity: downtown San Jose, Costa Rica; shady precincts of Moscow; etc.

The worst was when my site actually got hacked. We got hit at least twice, maybe even three times; I can't remember exactly. Both times they inserted an i-frame, which was a redirect to a site which launched Adobe Reader to insert a Trojan onto the victim's machine. My own computer got infected twice, both times with twext.exe, and the cleaning process was hellish. Plus, every time that one trojan got a foothold, it would invite two or three more in, right away.

Even beyond these major attacks, every time that I simmed, and was uploading my files and reports after the sim, these foreign agents on my domain were doing things that would interrupt my uploads, opening and closing ports against my will, trying to work their evil. It was ridiculous.

I installed Fidel's safeguards a week ago. I liked the first version best, with the scripts right on the php index pages, but it was too restrictive when some systems interfaced with it. So I moved the scripts to the forum registration page. In the first couple of days after installing everything, I was still getting 'bots, but they didn't stay long (before, they would linger). Now I don't see any at all. I figure that they're still trying, so I don't know if they're stopping by so briefly that I'm missing them, or what. But I'm not having the problems I was before. No one is fiddling with my ports; no one is interrupting my uploads.

Fidel has really helped me out personally, and he has benefitted my league. I know that not all of what he shared with us was his own original material, but without him, I never would have gotten hold of it. I have a deep appreciation for Fidel's work, and I sincerely thank him.

03-19-2009, 04:14 PM	#30
satchel Hall Of Famer Join Date: Apr 2002 Location: Ft Smith Ark. USA Posts: 2,681	After a week with this new system, I am pleased. My problem never was with getting spammed. My forum got spammed a few times, but it was all concentrated in a limited amount of time; I think there was a period of about three days in which my forum had some bogus registrations, and some resulting spam posts. The thing I don't like is hacker 'bots crawling all over my site all the time. It used to be constant. For example, I'd always have numerous "guests" on my forum, and when I researched their IP addresses, 90% of the time, the "guests" were originating from hives of hacker activity: downtown San Jose, Costa Rica; shady precincts of Moscow; etc. The worst was when my site actually got hacked. We got hit at least twice, maybe even three times; I can't remember exactly. Both times they inserted an i-frame, which was a redirect to a site which launched Adobe Reader to insert a Trojan onto the victim's machine. My own computer got infected twice, both times with twext.exe, and the cleaning process was hellish. Plus, every time that one trojan got a foothold, it would invite two or three more in, right away. Even beyond these major attacks, every time that I simmed, and was uploading my files and reports after the sim, these foreign agents on my domain were doing things that would interrupt my uploads, opening and closing ports against my will, trying to work their evil. It was ridiculous. I installed Fidel's safeguards a week ago. I liked the first version best, with the scripts right on the php index pages, but it was too restrictive when some systems interfaced with it. So I moved the scripts to the forum registration page. In the first couple of days after installing everything, I was still getting 'bots, but they didn't stay long (before, they would linger). Now I don't see any at all. I figure that they're still trying, so I don't know if they're stopping by so briefly that I'm missing them, or what. But I'm not having the problems I was before. No one is fiddling with my ports; no one is interrupting my uploads. Fidel has really helped me out personally, and he has benefitted my league. I know that not all of what he shared with us was his own original material, but without him, I never would have gotten hold of it. I have a deep appreciation for Fidel's work, and I sincerely thank him.