DeathStar Posted April 3, 2007 Share Posted April 3, 2007 Hi there. I have had some attempts in trying to copy the spammers to find out how i can prefent it. what they do is make 100's off acc's but its not that they jsut do this: $rand = rand(9999,9999999); echo "input type=text value=$rand" the account will come out as: id Name 1 1 2 11 3 111 4 1111 and id NAme 1 blah 2 blahblah 3 blahblahblah 4 blahblahblahblah 5 blahblahblahblahblah How do they do it? Quote Link to comment Share on other sites More sharing options...
trq Posted April 4, 2007 Share Posted April 4, 2007 Many ways. There are lists of common names they could simply iterate through. Quote Link to comment Share on other sites More sharing options...
DeathStar Posted April 4, 2007 Author Share Posted April 4, 2007 yes but how do they do it so fast? looping? Quote Link to comment Share on other sites More sharing options...
trq Posted April 4, 2007 Share Posted April 4, 2007 looping? No. They do it by hand, one name at a time. Quote Link to comment Share on other sites More sharing options...
DeathStar Posted April 4, 2007 Author Share Posted April 4, 2007 they must be fast... i would loop it! will slow downn the server but XD Quote Link to comment Share on other sites More sharing options...
MadTechie Posted April 4, 2007 Share Posted April 4, 2007 if you have spammer make them register with a valid email and use a secuirty image Quote Link to comment Share on other sites More sharing options...
DeathStar Posted April 4, 2007 Author Share Posted April 4, 2007 i do just working on link validation that it transefer the acount from one tabel(un_users) to other (users) Quote Link to comment Share on other sites More sharing options...
per1os Posted April 4, 2007 Share Posted April 4, 2007 To do it is very easy. I can make a PHP script to hit a site and send post data and create 100s of accounts in a matter of seconds. To prevent it either use Captcha, like stated before, or set a time limit for an ip to create an account. IE: Log the IP to the DB and if that IP created an account within let's say 5 minutes do not allow them to create another account. Also create some type of an email validation to help. Either way spammers are hard to beat, but to prevent spam bots like that it is fairly easy. The hard ones to prevent are the ones that are not a machine. They suck. Quote Link to comment Share on other sites More sharing options...
DeathStar Posted April 4, 2007 Author Share Posted April 4, 2007 have taht... only one signup with an ip! Quote Link to comment Share on other sites More sharing options...
HaLo2FrEeEk Posted April 4, 2007 Share Posted April 4, 2007 Or, instead of captcha, I thought of method that is WAY more simple, and yet a WAY more advanced and secure method: create a picture with a question, such as, what is 2+2, or what color is the sky, and make them answer the question, that way, the spam bot thinks that they need to use the characters in the picture, and not the answer to the question, genius huh. Use an associative array that will link the question with the correct answer and if they are the same, then it is validated. Quote Link to comment Share on other sites More sharing options...
DeathStar Posted April 4, 2007 Author Share Posted April 4, 2007 Or, instead of captcha, I thought of method that is WAY more simple, and yet a WAY more advanced and secure method: create a picture with a question, such as, what is 2+2, or what color is the sky, and make them answer the question, that way, the spam bot thinks that they need to use the characters in the picture, and not the answer to the question, genius huh. Use an associative array that will link the question with the correct answer and if they are the same, then it is validated. Not all ppl can see normall like you! some are color blind! The question thing is actualy a bad idea, in my oppinion Quote Link to comment Share on other sites More sharing options...
HaLo2FrEeEk Posted April 4, 2007 Share Posted April 4, 2007 Ohhhhkay, the color question was an example, and everyone knows what color the sky is supposed to be, regardless of if they see that color or not. I've seen this feature implemented on more sites than I can count and I've asked every single one of them if they have a problem with spammers, and they say none at all, its way better than captcha, but whatever, if you don't want to use it, then don't, its not my site thats gonna be spammed. Quote Link to comment Share on other sites More sharing options...
DeathStar Posted April 4, 2007 Author Share Posted April 4, 2007 i found an good way for a register just have to figure out how it works: You enter your email ect. then click a button and it sends a mail to the email address and the code will be in the email. you verivy if the code is correct then you submit the form and do the query's Quote Link to comment Share on other sites More sharing options...
per1os Posted April 4, 2007 Share Posted April 4, 2007 That way works, but what happens when the email goes directly to that bot and it gets that validation and can easily validate that account? That is why Captcha works way better, and Halo's example of the question is nearly un-defeatable...for now. But yea it is simple you say What is 2+2 when timesed by 4? Or Given the year 2000, what is the current year? That is what I am going to be implementing on my system and see how it goes. Quote Link to comment Share on other sites More sharing options...
HaLo2FrEeEk Posted April 5, 2007 Share Posted April 5, 2007 Simple, effective, secure, and nigh unbreakable; It might as well be perfect... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.