
Spam problem No;1 at Links2???

It looks like more and more of these multi-submitters have a free easy way to hack into the links2 system (despite the "referer line") and currently there seems to be no guaranteed solution available.

I personally am very concerned about that but without the necessary cgi knowledge I have no clue how to stop it either.
Germans, Canadians, Americans, Russians or whoever can hack into it and sell it to multi submitters.

Anyone out there with a "fool proof solution"?
I mean, Yahoo was apparently able to do it, so why couldn't a cgi wiz at or around Links2 do it????

Quote Reply
Re: Spam problem No;1 at Links2??? In reply to
Hi useroo,

They're probably not hacking, they're most likely using the URL of your add.cgi script!!

In my experience this sort of spam comes almost always from submission programs that people download to use on their PC. The programs have a database of URLs to submit to and simply run through the list and send out the user's site details. What has most probably happened is that someone has noticed the URL to your add.cgi script, and added it to one or more of these programs' databases. (This has happened to me several times and finding the culprit can be very difficult!!)

The good news is that you can stop them by simply changing the name of your add.cgi script, since the programs will be looking for a specific URL and if it's not found the software won't submit and will report an error to the user.

Change the name of your add.cgi script to something like, "addurl.cgi" and then update your pages/templates/site_html.pl files to refer to the new script for submissions, and then re-build your Links pages and update/re-upload your static pages.

If you notice it happening again in the future, just change the name to something slightly different again and re-upload/re-build again.

Hope this helps.

All the best
Shaun

Quote Reply
Re: Spam problem No;1 at Links2??? In reply to
Please post such threads in the necessary forum in future - this isn't a general discussion thread, therefore it should go in the Links2 Customization Forum.

Paul
Installations:http://wiredon.net/gt/
Support: http://wiredon.net/forum/

Quote Reply
Re: Spam problem No;1 at Links2??? In reply to
Thanks for that info, maybe I try that in the future but it is a nuisance too, isn't it?
How does Yahoo protect its add function then????

Quote Reply
Re: Spam problem No;1 at Links2??? In reply to
No-one will know the answer to that I expect - Yahoo is HUGE and aren't going to publicly describe how they protect their submission process.

But I expect they do and part of the way they do it is by spreading the submission process over several pages.

Paul
Installations:http://wiredon.net/gt/
Support: http://wiredon.net/forum/

Quote Reply
Re: Spam problem No;1 at Links2??? In reply to
Yes, that is exactly what I thought makes the difference.

Question here is of course "can't this be done in Links2"????
If so, any hints around?

Quote Reply
Re: Spam problem No;1 at Links2??? In reply to
You could do it with Links 2. It wouldn't be that hard I wouldn't have thought. I may have a go at it later this month, if I can find some spare time Wink

Andy

webmaster@ace-installer.com
http://www.ace-installer.com
Quote Reply
Re: Spam problem No;1 at Links2??? In reply to
This has already been done Andy in the form of the "Add Confirm" mod.

Paul
Installations:http://wiredon.net/gt/
Support: http://wiredon.net/forum/

Quote Reply
Re: Spam problem No;1 at Links2??? In reply to
'Question here is of course "can't this be done in Links2"????
If so, any hints around?'


Search the forum for add confirm, plus there are countless discussions on spamming in the links 2 discussion forum. I.e. search the forum and you will find lots of suggestions...

Glenn

Links 2 Mods Site:
http://cgi-resource.co.uk/pages/links2mods.shtml
Quote Reply
Re: Spam problem No;1 at Links2??? In reply to
Oh, OK. I didn't realise Blush

Andy

webmaster@ace-installer.com
http://www.ace-installer.com
Quote Reply
Re: Spam problem No;1 at Links2??? In reply to
In Reply To:
How does Yahoo protect its add function then
I suspect they don't. If you look at any auto-submission service, they always submit to Yahoo. I suspect Yahoo does it the old fashioned way, they have a large staff on hand to accept/reject incoming sites.

The best way I've seen it done is Paypal. They display a random image that the user must type in. i.e. an image showing the number 1234 is displayed along with the rest of the form, and the user must type in 1234 before the form will be accepted.

Cheers,

Alex

--
Gossamer Threads Inc.
Quote Reply
Re: Spam problem No;1 at Links2??? In reply to
Oooooh it was paypal? I liked that idea, and was trying to figure out how to incorporate that into one of the scripts. Because of the graphic nature of the image, there is no real way for a script to decide what the magic number is, but returning the image as a generic "img src" is one trick, the other is keeping track of what image was sent to what user.

I can think of several other ways to do it, but all would suffer from "time out" type problems in certain situations at least.

If anyone has an idea how to implement this, I'm game :)

PUGDOG® Enterprises, Inc.
FAQ:http://LinkSQL.com/FAQ
Forum:http://LinkSQL.com/forum
Quote Reply
Re: Spam problem No;1 at Links2??? In reply to
Basically you would do:

1. Generate a random image number, or pick from a list of prebuilt ones.
2. Save the image number to a file named with a unique session id.
3. Make the name of the form field the unique session id.
4. When submitted, check that the unique session file exists, load it, and then compare the numbers. If they match, you're OK, if not, there's a problem.

Cheers,

Alex

--
Gossamer Threads Inc.
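
Alex's four steps, sketched in Perl as an added example (not code from this thread or from Links2). The sub names, the `.chal` file suffix and the 10-minute lifetime are assumptions; drawing the number into an image is left out, and /dev/urandom assumes a Unix-like host.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Spec;
use File::Temp qw(tempdir);

my $TTL = 600;    # assumed lifetime of a challenge, in seconds

# Steps 1-2: pick a number and save it in a file named by a random session id.
sub new_challenge {
    my ($dir) = @_;
    open my $rnd, '<:raw', '/dev/urandom' or die "urandom: $!";
    read($rnd, my $raw, 20) == 20 or die "short read from urandom";
    close $rnd;
    my $sid    = unpack 'H*', substr($raw, 0, 16);    # 32 hex characters
    my $number = sprintf '%04d', unpack('N', substr($raw, 16, 4)) % 10000;
    my $path   = File::Spec->catfile($dir, "$sid.chal");
    open my $fh, '>', $path or die "write $path: $!";
    print {$fh} $number;
    close $fh or die "close $path: $!";
    return ($sid, $number);    # $number goes into the image only, never the HTML
}

# Step 4: the form field is named after the session id; its value is the answer.
sub check_challenge {
    my ($dir, $sid, $typed) = @_;
    # The id becomes part of a file name, so accept only our own format.
    return 0 unless defined $sid && $sid =~ /\A[0-9a-f]{32}\z/;
    my $path = File::Spec->catfile($dir, "$sid.chal");
    open my $fh, '<', $path or return 0;    # unknown id, or already used
    my $mtime  = (stat $fh)[9];
    my $stored = <$fh>;
    close $fh;
    unlink $path or return 0;               # single use: only one request wins
    return 0 if time - $mtime > $TTL;       # stale challenge
    return (defined $typed && defined $stored && $typed eq $stored) ? 1 : 0;
}

# Constructed demo in a throwaway directory.
my $dir = tempdir(CLEANUP => 1);
my ($sid, $number) = new_challenge($dir);
printf "correct answer accepted:  %d\n", check_challenge($dir, $sid, $number);
printf "same answer replayed:     %d\n", check_challenge($dir, $sid, $number);
printf "traversal-style id:       %d\n", check_challenge($dir, '../add', $number);
```

Challenge files left behind by visitors who load the form and never submit still need periodic cleanup, for example by deleting any `.chal` file older than the lifetime.
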
Quote Reply
Re: add confirm confusion In reply to
Hi Paul,
I have read the entire thread between Glennu and Antrorules
about that confirmation mod.
However, I got confused because Glennu would change something on it every time Antro would have a new suggestion.
I have also checked Glennu's website with that mod on it.
Now, I am not good enough with cgi to actually understand it all (but I could install it), the problem therefore is that with all the changes I don't know which would now be the full and actually well working version to do that!
Glennu himself never replied to me asking him directly, DO YOU KNOW WHICH IT WOULD BE?

Thanks if you let me know
Rudolf

Quote Reply
Re: add confirm confusion In reply to
I thought I did answer you, and I said read my answer to your post in the forum ie. this one!:

http://www.gossamer-threads.com/...700&Old=allposts

I took the time to answer your question, it's not my fault you ignored it...

Glenn

Links 2 Mods Site:
http://cgi-resource.co.uk/pages/links2mods.shtml
Quote Reply
Re: now i got it In reply to
I was just confused with the changes you made and didn't know which the final installation was.
Anyway now I know, but let me ask you this:
The direct support from GossT. told me that even this confirmation mod could be hacked and a spammer could ergo still get into the system (don't ask ME how).
Again, I don't fully understand all these files in Links2, it works anyway, but what do you think, is it really even with such a "redirection" to that confirm page still not "safe" enough to forget about spam for good????

P.S.
Have a little bit of patience with me, I am off the forum again for a long time to come once I have gathered the necessary spam protection possibility info.
Rudolf

Quote Reply
Re: now i got it In reply to
Obviously.

Nothing is fool proof but it is better than having no protection at all. I have a feeling that your site isn't under a great deal of threat so you don't need it to be like Fort Knox so the current mod will suffice.

Paul
Installations:http://wiredon.net/gt/
Support: http://wiredon.net/forum/

Quote Reply
Re: now i got it In reply to
I think adding things such as a confirmation page.., etc will help deter some spammers. But I guess if a spammer is determined enough and has some knowledge then they could be able to get through pretty much anything.

A better method would be to implement something like what Alex mentioned above, that Paypal uses. You could integrate this into the add confirm. Shouldn't be that hard to do and if I get a few minutes of free time I'll take a quick look at it.

Glenn

Links 2 Mods Site:
http://cgi-resource.co.uk/pages/links2mods.shtml
Quote Reply
Re: had 3 different spammers this week In reply to
See, that is a lot for me, fortunately I could find each one's URL (they were all Canadian/US based multi submission scheme websites) and send them a complaint e-mail to which they responded instantly and the spam stopped.

I also got from other side this little thing for app.cgi:
-----------multiple spammer block code for add.pl---------------

my ($key, $status, $line, $output);

# Reject the submission when the submitted URL contains a blocked name.
# The bare name (e.g. "spammer2") already covers "spammer2.com"; the dots
# are escaped so that "." only matches a literal dot.
if ($in{'URL'} =~ /sexisp\.com/i   || $in{'URL'} =~ /sexisp/i   ||
    $in{'URL'} =~ /spammer2\.com/i || $in{'URL'} =~ /spammer2/i ||
    $in{'URL'} =~ /spammer3\.com/i || $in{'URL'} =~ /spammer3/i ||
    $in{'URL'} =~ /spammer4\.com/i || $in{'URL'} =~ /spammer4/i) {
    &site_html_add_failure ("You are not allowed to add links!");
    return;
}
-----------still needs to be tested--------------------
This was easier to install and seems to help but the confirmation thing I guess would be better.
Rudolf

Quote Reply
Re: i think many would appreciate.. In reply to
..such an added security feature, in fact even Altavista has this sort (or similar) of random image text that you need to retype before you can submit.

It may be easy for you, but I sure have no clue how to do such a thing - unless I see how.
So far I helped myself with complaining to the spammers that I found and they actually stopped, plus I just found this little thing (don't know how good it is)
-----------multiple spammer code for add.pl--------------

my ($key, $status, $line, $output);

# Reject the submission when the submitted URL contains a blocked name.
# The bare name (e.g. "spammer2") already covers "spammer2.com"; the dots
# are escaped so that "." only matches a literal dot.
if ($in{'URL'} =~ /sexisp\.com/i   || $in{'URL'} =~ /sexisp/i   ||
    $in{'URL'} =~ /spammer2\.com/i || $in{'URL'} =~ /spammer2/i ||
    $in{'URL'} =~ /spammer3\.com/i || $in{'URL'} =~ /spammer3/i ||
    $in{'URL'} =~ /spammer4\.com/i || $in{'URL'} =~ /spammer4/i) {
    &site_html_add_failure ("You are not allowed to add links!");
    return;
}
-----------still needs to be tested--------------------
Rudolf

Quote Reply
Re: i think many would appreciate.. In reply to
You could use -

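my @badsites = qw( spammer.com spammer2.com spammer3.com );

# Compare the submitted URL against each blocked site. \Q...\E quotes the
# dots, and a named loop variable avoids grep re-aliasing $_ to the URL.
foreach my $bad (@badsites) {
    if ($in{'URL'} =~ /\Q$bad\E/i) {
        &site_html_add_failure ("DONT SPAM ME");
        return;   # stop here so the link is not added
    }
}

Also you could use -

my @badip = qw( 111.111.111.111 222.222.222.222 );

# Exact string comparison, so a listed address cannot match part of another.
foreach my $bad (@badip) {
    if ($ENV{'REMOTE_ADDR'} eq $bad) {
        &site_html_add_failure ("DONT SPAM ME");
        return;   # stop here so the link is not added
    }
}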

I don't guarantee it but I think it should work. When I say I don't guarantee it, I mean in terms of syntax because I haven't tested it.

Paul
Installations:http://wiredon.net/gt/
Support: http://wiredon.net/forum/

Quote Reply
Re: i think many would appreciate.. In reply to
There already is a BLOCK URL MOD located at the following web page:

http://lookhard.hypermart.net/...-mods/blockurls.html

which has been referenced in a bunch of Threads in the Links 2.0 support forums and also linked in the Resources section, I believe.

Regards,

Eliot Lee
Quote Reply
Re: i think many would appreciate.. In reply to
'It may be easy for you, but I sure have no clue how to do such a thing - unless I see how.'

Yep had a quick play around yesterday and put together a solution. If you want to see how I'll post it soon...

Glenn

Links 2 Mods Site:
http://cgi-resource.co.uk/pages/links2mods.shtml
Quote Reply
Re: i assume.... In reply to
the lines you mentioned (as below)
------------------------------------------------------
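my @badsites = qw( spammer.com spammer2.com spammer3.com );

# A named loop variable keeps grep from re-aliasing $_ to the URL itself;
# \Q...\E quotes the dots in each site name.
foreach my $bad (@badsites) {
    if ($in{'URL'} =~ /\Q$bad\E/i) {
        &site_html_add_failure ("DONT SPAM ME");
        return;   # stop here so the link is not added
    }
}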
-----------------------------------------------
would go into "add.cgi"????
And if so, where exactly in there???
(Too bad you are not sure if the whole portion is written right (syntax), I wouldn't be able to tell.)
Rudolf

Quote Reply
Re: i assume.... In reply to
You'd put it in add.cgi under where the script checks the referer.

You would be able to tell if the syntax was wrong because you'd either get a 500 or it wouldn't work :)

Paul
Installations:http://wiredon.net/gt/
Support: http://wiredon.net/forum/
