The is a post in the Whip the Admins forum from this user.
DorisAxline
I went to check profile because of the use of the word s**t with the actual letters. No user profile. When you hover mouse over the words "buy viagra" the link shows as a buy at a discount somewhere. Was looking for a way to report to mod's, decided to post here. Anyone know what is going on?
Subject: DorisAxline-Strange post no user profile
Subject:
Think I figured part of this out. Tormie may have deleted the user, but the post remained. Since it looks like it is very late where Tormie is, I reported the post to Pangor in PM, and hopefully he will take a look tonight before Tormie gets up in the morning.
Subject:
Tormie was dreaming about a problem :uuh: ... Woke up and went to find out what happened :wink: !
Subject:
Didn't mean to wake you up, Tormie. :oops: This one raised big red flags!!!
Subject:
No problem melamkish, it was good that I was still lurking around.
We just faced a spammer attack, I deleted the post and changed the permissions of the "whip the admin" forum. That forum was supposed to be also a help for people who are unable to register so it was opened to guest writing and that guy posted his spam, his kind of spam was done in order to increase the position of his disgusting site in search engines position posting here the link of his site, masked under the bbcode (you probably didn't noticed it but luckily you were fast to see the post and I dreamed about you :oops: lol). When a search engine bot/crawler found a link, wherever it was, it follows it and the more links it found of a site the higer the rank become so this is the reason why those people try to spread the link to their site everywhere.
Actually I immediatly changed the permissions of the whip the admin forum, now it's read only to guest like the rest of the site, the only support for problems will be the email address of the forum, . This is a special address on spamcop.net. I pay 30$ a year for it because they collect automatically the incoming spam, send me a report about them and have an accurate system to reveal from where the email comes really and then it give me the option to send the report automatically to the abuse service from where the email started.
Actually I installed on the site a powerful IP logger and if the spammer want to write more now he has to register and he will be caught by his ip, even if he try to mask it behind a proxy server or an anonimyzer. I banned the IPs of all known anonymizers and we have a system that stops naughty people who tries to use anonymous proxy, so the spammer will simply get caught.
Now, I don't know if this kind of attacks will continue but we'll have to keep an eye open on the site and the log, some days ago I banned the ip from an user who was masking his browser under a strange "ADA" browser, probably a hacker trying to do something.
In the meantime I'll backup the database, just in case.
Good night friends
We just faced a spammer attack, I deleted the post and changed the permissions of the "whip the admin" forum. That forum was supposed to be also a help for people who are unable to register so it was opened to guest writing and that guy posted his spam, his kind of spam was done in order to increase the position of his disgusting site in search engines position posting here the link of his site, masked under the bbcode (you probably didn't noticed it but luckily you were fast to see the post and I dreamed about you :oops: lol). When a search engine bot/crawler found a link, wherever it was, it follows it and the more links it found of a site the higer the rank become so this is the reason why those people try to spread the link to their site everywhere.
Actually I immediatly changed the permissions of the whip the admin forum, now it's read only to guest like the rest of the site, the only support for problems will be the email address of the forum, . This is a special address on spamcop.net. I pay 30$ a year for it because they collect automatically the incoming spam, send me a report about them and have an accurate system to reveal from where the email comes really and then it give me the option to send the report automatically to the abuse service from where the email started.
Actually I installed on the site a powerful IP logger and if the spammer want to write more now he has to register and he will be caught by his ip, even if he try to mask it behind a proxy server or an anonimyzer. I banned the IPs of all known anonymizers and we have a system that stops naughty people who tries to use anonymous proxy, so the spammer will simply get caught.
Now, I don't know if this kind of attacks will continue but we'll have to keep an eye open on the site and the log, some days ago I banned the ip from an user who was masking his browser under a strange "ADA" browser, probably a hacker trying to do something.
In the meantime I'll backup the database, just in case.
Good night friends
Subject:
That explains it :thumb: At least we caught it fast. Pangor will be able to stand down from red alert when he recieves my PM and gets here. Sometimes its good to be a light sleeper :wink:
Subject:
I farted too loud and awoke :oops: :oops: :oops:
Subject:
:lmao: :lmao: Well, there is that, too. :lol:
Subject:
Subject:
Interesting. And that one points to a different location than the one you deleted.
Hey, if you're gonna be in any shape for the party, you'd better quit lurking and get some snoozing. :)
Hey, if you're gonna be in any shape for the party, you'd better quit lurking and get some snoozing. :)
Subject:
Wow, I go off-line to set p a Render for MBotW and to do some chores and things go wild. Sorry that I was not here in time to help. Melamkish, thank you for catching it and taking action.
A quik search for the user name results in many other sites that have been spammed by this person, could a bot have been used? At sites with open posting forums, the same message is posted, at other sites, a user by that name has registered and then posted that message. in each case, it contains a link to a blog site in france or to a geocities page. The blog has been shutdown, I think. Where this person has registered, those links are also used in the wabsite listing in the profile page.
Pangor
A quik search for the user name results in many other sites that have been spammed by this person, could a bot have been used? At sites with open posting forums, the same message is posted, at other sites, a user by that name has registered and then posted that message. in each case, it contains a link to a blog site in france or to a geocities page. The blog has been shutdown, I think. Where this person has registered, those links are also used in the wabsite listing in the profile page.
Pangor
Subject:
At least it wasn't a serious attack. With all the DDos (Direct Denial of Service) and other such stuff going on out there, anything strange sets off warnings and you must expect the worst until proven otherwise.
A safe, happy ending on this one. :thumb:
A safe, happy ending on this one. :thumb:
Subject:
Yes, xSilentySpoken has been hit by a series of DDos attacks that has taken her site down time and again. It looks like it happened again yesterday.
Page 1 of 1
You cannot post new topicsYou cannot reply to topics
You cannot edit your posts
You cannot delete your posts
You cannot vote in polls
You cannot attach files
You cannot download files
You cannot post calendar events