Major spam attack - Kia Forum
 4Likes
  • 1 Post By kiaguy002
  • 1 Post By ron1004
  • 2 Post By kiaguy002
 
LinkBack Thread Tools Display Modes
post #1 of 8 (permalink) Old 02-25-2018, 04:57 AM Thread Starter
Super Moderator
 
ron1004's Avatar
 
Join Date: Jun 2005
Location: USA
Posts: 8,340
Drives: 1999 Kia / 기아 Elan, 2017 Ford Edge Sport, 2015 Ford Mustang, 2008 Harley Nightrain
Gallery: 13
Mentioned: 18 Post(s)
Tagged: 0 Thread(s)
Quoted: 672 Post(s)
Garage

Thread Starter (Thread Starter)
Exclamation Major spam attack

Early this morning there was a major spam attack of 800+ - the content was Korean text, using multiple user ID's.

Admin will be blocking the dirty buggers.


Quality and not quantity counts.

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

Sig image is 500X100 at 11.7 kb

Last edited by ron1004; 02-25-2018 at 05:47 AM.
ron1004 is offline  
Sponsored Links
Advertisement
 
post #2 of 8 (permalink) Old 02-25-2018, 05:45 AM Thread Starter
Super Moderator
 
ron1004's Avatar
 
Join Date: Jun 2005
Location: USA
Posts: 8,340
Drives: 1999 Kia / 기아 Elan, 2017 Ford Edge Sport, 2015 Ford Mustang, 2008 Harley Nightrain
Gallery: 13
Mentioned: 18 Post(s)
Tagged: 0 Thread(s)
Quoted: 672 Post(s)
Garage

Thread Starter (Thread Starter)
Still ongoing !!!!!

Quality and not quantity counts.

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

Sig image is 500X100 at 11.7 kb
ron1004 is offline  
post #3 of 8 (permalink) Old 02-25-2018, 07:48 AM
Expert
 
Join Date: Oct 2015
Location: Northeast
Posts: 887
Drives: 2011 Forte SX 2.4L (thankfully MPI) A/T 131K miles
Gallery: 0
Mentioned: 2 Post(s)
Tagged: 0 Thread(s)
Quoted: 248 Post(s)

One thing I don't understand is why these sites don't use high volume blocking. The normal volume rate is VERY low - I'd guess that somewhere around 1 new post every 20 minutes would be the average rate, and 5 per minute would be the max. I might be off on those numbers, but the admin code captures all of that anyway, and the actual average/max posting rate is always known internally.

With the rates known, the instant that posting begins to spike beyond some preset and modifiable number, simply start sending out the following message:
'This site is experiencing a spam attack.' followed by requiring a 'human recognition' confirmation in order to complete the post.

Every once in a while the volume would be normally high, and the spam message been sent would not be true. But who cares, because normal traffic would continue unaffected during the short time of high volume. But the spammers denial-of-serivice attacks would never work, and they would be stuck with manually entering single spams. I don't think they would be too interested in hanging around very long doing that.
ron1004 likes this.
kiaguy002 is offline  
 
post #4 of 8 (permalink) Old 02-25-2018, 09:14 AM Thread Starter
Super Moderator
 
ron1004's Avatar
 
Join Date: Jun 2005
Location: USA
Posts: 8,340
Drives: 1999 Kia / 기아 Elan, 2017 Ford Edge Sport, 2015 Ford Mustang, 2008 Harley Nightrain
Gallery: 13
Mentioned: 18 Post(s)
Tagged: 0 Thread(s)
Quoted: 672 Post(s)
Garage

Thread Starter (Thread Starter)
Quote:
Originally Posted by kiaguy002 View Post
One thing I don't understand is why these sites don't use high volume blocking. The normal volume rate is VERY low - I'd guess that somewhere around 1 new post every 20 minutes would be the average rate, and 5 per minute would be the max. I might be off on those numbers, but the admin code captures all of that anyway, and the actual average/max posting rate is always known internally.

With the rates known, the instant that posting begins to spike beyond some preset and modifiable number, simply start sending out the following message:
'This site is experiencing a spam attack.' followed by requiring a 'human recognition' confirmation in order to complete the post.

Every once in a while the volume would be normally high, and the spam message been sent would not be true. But who cares, because normal traffic would continue unaffected during the short time of high volume. But the spammers denial-of-serivice attacks would never work, and they would be stuck with manually entering single spams. I don't think they would be too interested in hanging around very long doing that.
Thanks, I'm sure Admin will consider your suggestions.

I suggested something along those lines, but your comment smacks of a whole lot more know-how.
jetech00001 likes this.

Quality and not quantity counts.

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

Sig image is 500X100 at 11.7 kb
ron1004 is offline  
post #5 of 8 (permalink) Old 02-25-2018, 09:55 AM
Expert
 
Join Date: Oct 2015
Location: Northeast
Posts: 887
Drives: 2011 Forte SX 2.4L (thankfully MPI) A/T 131K miles
Gallery: 0
Mentioned: 2 Post(s)
Tagged: 0 Thread(s)
Quoted: 248 Post(s)

Quote:
Originally Posted by ron1004 View Post
... I suggested something along those lines, but your comment smacks of a whole lot more know-how.
I worked in I/T for 40 years before retiring a couple years ago. Not in a server/admin capacity, but nevertheless having to constantly deal with and resolve problems, so it's second nature for me to look for the most effective solutions.

I think that almost none of this spam activity is innocent or harmless. I see it periodically on all of my regular sites, and this type of activity strikes me as probing for weakness. I believe almost all of it is backed by foreign governments or criminal organizations, and there's very likely to be serious consequences down the road if we're (collectively) not aggressive in countering this activity. And part of those defensive measures might very well require imposing some minor restrictions or inconveniences to the valid end-user community. I think most of us would understand and accept this, if it's explained along those lines. Unfortunate, but a necessary thing, given the state of the world today.

If I was a bit younger, I'd love to battle these idiots and try to grind them into the pavement.
ron1004 and jetech00001 like this.
kiaguy002 is offline  
post #6 of 8 (permalink) Old 02-26-2018, 01:37 PM
Administrator
 
administrator's Avatar
 
Join Date: May 2006
Posts: 2,232
Drives: Kia Spectra
Gallery: 16
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 308 Post(s)
Garage

Hey there,

Where was the attack on the forum? Can you send us the URL and we'll have a look at it?
I looked into the backend of the forum and the spam functions seem to be intact.

Ed


To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

NEW!:
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

NEW!:
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

NEW!:
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
administrator is offline  
post #7 of 8 (permalink) Old 02-26-2018, 01:55 PM Thread Starter
Super Moderator
 
ron1004's Avatar
 
Join Date: Jun 2005
Location: USA
Posts: 8,340
Drives: 1999 Kia / 기아 Elan, 2017 Ford Edge Sport, 2015 Ford Mustang, 2008 Harley Nightrain
Gallery: 13
Mentioned: 18 Post(s)
Tagged: 0 Thread(s)
Quoted: 672 Post(s)
Garage

Thread Starter (Thread Starter)
Exclamation

Quote:
Originally Posted by administrator View Post
Hey there,

Where was the attack on the forum? Can you send us the URL and we'll have a look at it?
I looked into the backend of the forum and the spam functions seem to be intact.

Ed
I'm surprised that you ask that question - it was also reported in Admin/MOD's section.

"온라인경마사이트 , 인터넷경마사이트〔♡ RACC⑸⑸。CoM ♡〕 경정결과"
That is what the thousands of spam messages looked like.

See just one example in this link: https://www.kia-forums.com/general-ki...-racc-com.html

Note, that link won't be open to others to veiw.

Quality and not quantity counts.

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

Sig image is 500X100 at 11.7 kb
ron1004 is offline  
post #8 of 8 (permalink) Old 02-27-2018, 10:24 AM
Administrator
 
administrator's Avatar
 
Join Date: May 2006
Posts: 2,232
Drives: Kia Spectra
Gallery: 16
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 308 Post(s)
Garage

Thanks for the feedback,

Niall has already turned on the spam blocker on the site.
He mentioned this in the other thread. Spam posts will not be moderated.

Ed


To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

NEW!:
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

NEW!:
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

NEW!:
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
administrator is offline  
Reply

  Kia Forum > General > Kia-Forums.com Site Issues and Website Help



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
User Tag List

Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Linear Mode



Posting Rules  
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On