Massassi Forums Logo

This is the static archive of the Massassi Forums. The forums are closed indefinitely. Thanks for all the memories!

You can also download Super Old Archived Message Boards from when Massassi first started.

"View" counts are as of the day the forums were archived, and will no longer increase.

ForumsDiscussion Forum → Registration Closed? I opened it again.
12
Registration Closed? I opened it again.
2006-11-14, 2:59 PM #1
I don't know why it was closed. Apparently people wanted to use the image verification thing, but it looked like the text was impossible to read. So I made it easier to read. Hopefully this will solve the problems. If not, admins, please post a thread in the admin forum so I can understand the full problem.

Thanks,
Brian
2006-11-14, 3:13 PM #2
Hurray! Sug's roommate can join!
"If you watch television news, you will know less about the world than if you just drink gin straight out of the bottle."
--Garrison Keillor
2006-11-14, 3:15 PM #3
^.^
free(jin);
tofu sucks
2006-11-14, 5:01 PM #4
Reason why we closed it was that we were having spammers and spam bots attacking us with higher frequency. Also something about upgrading said that user registration had to be closed. :confused:
Code to the left of him, code to the right of him, code in front of him compil'd and thundered. Programm'd at with shot and $SHELL. Boldly he typed and well. Into the jaws of C. Into the mouth of PERL. Debug'd the 0x258.
2006-11-14, 6:49 PM #5
Originally posted by JediGandalf:
Reason why we closed it was that we were having spammers and spam bots attacking us with higher frequency. Also something about upgrading said that user registration had to be closed. :confused:

Who is doing the upgrade, and when? Who has access to the latest vb downloads?
2006-11-14, 7:00 PM #6
Ain't me, and I dunno how they could. Considering they need your customer number to do so >.>
2006-11-14, 7:17 PM #7
I was under the impression that MBeggar can do it and that the green light had been given so to upgrade.

I dinna know what is going on with that. He's been uber busy of late.
Code to the left of him, code to the right of him, code in front of him compil'd and thundered. Programm'd at with shot and $SHELL. Boldly he typed and well. Into the jaws of C. Into the mouth of PERL. Debug'd the 0x258.
2006-11-14, 7:24 PM #8
So, to combat spammers and bots, you re-opened registration and made the CAPTCHA easier to bypass?

...
the idiot is the person who follows the idiot and your not following me your insulting me your following the path of a idiot so that makes you the idiot - LC Tusken
2006-11-14, 7:57 PM #9
http://isc.sans.org/diary.php?storyid=1836

That was on Slashdot a while ago, it might be worth looking into. Making dummy, invisible registration fields and throwing away any registrations that have those fields filled out.

Or, we could always try KittenAuth =^_^=
Marsz, marsz, Dąbrowski,
Z ziemi włoskiej do Polski,
Za twoim przewodem
Złączym się z narodem.
2006-11-14, 9:04 PM #10
Who really cares about a few spammers? God forbid a bit of work for 5 admins on a 25 active people forum. :P
Was cheated out of lions by happydud
Was cheated out of marriage by sugarless
2006-11-14, 9:14 PM #11
Originally posted by Wolfy:
So, to combat spammers and bots, you re-opened registration and made the CAPTCHA easier to bypass?

...


I'd much rather have registration open than be "protected" from a few bots (they traumatize me! :v: ).
"it is time to get a credit card to complete my financial independance" — Tibby, Aug. 2009
2006-11-14, 9:20 PM #12
Originally posted by Jepman:
Who really cares about a few spammers? God forbid a bit of work for 5 admins on a 25 active people forum. :P

Wait you mean I actually have to do work? You mean I just can't randomly change user titles??

:ninja:
Code to the left of him, code to the right of him, code in front of him compil'd and thundered. Programm'd at with shot and $SHELL. Boldly he typed and well. Into the jaws of C. Into the mouth of PERL. Debug'd the 0x258.
2006-11-14, 10:27 PM #13
Originally posted by Freelancer:
I'd much rather have registration open than be "protected" from a few bots (they traumatize me! :v: ).



Its not so much of a "protection" thing.

But when i have to spend time deleting threads from spammers in every forum and then go through banning someone, it wastes my time. I do know its my job to fix this too, but right now its finals week and to me it is annoying to clean up a spammer.

Yes there are other admins but *newsflash* we're not online 24/7.

It was our decision that registration should be closed for the week to deter any spammers and spam bots. When we had free time, we were going to discuss how to prevent further spammers.
Yes it was an easy way out, but it helped put at least one problem on hold.
[01:52] <~Nikumubeki> Because it's MBEGGAR BEGS LIKE A BEGONI.
2006-11-15, 2:11 AM #14
Take a look at KittenAuth. It seems pretty foolproof.
Bassoon, n. A brazen instrument into which a fool blows out his brains.
2006-11-15, 4:52 AM #15
Except at the moment their sample is completely and utterly broken.

2006-11-15, 4:57 AM #16
An admin tool/script to delete all posts by a specific user, and ban the user would be a cool quick way of dealing with a bot. As long as there are safety checks so a real user doesn't get accidently obliterated.
Massassi's Official Chatroom: irc.synirc.com #massassi
2006-11-15, 5:08 AM #17
Originally posted by JediGandalf:
Wait you mean I actually have to do work? You mean I just can't randomly change user titles??

:ninja:


Dude, I want Peepee Socks back :(

I don't want breasts /_\

Well I do, but not publically!!!

:ninja:
Was cheated out of lions by happydud
Was cheated out of marriage by sugarless
2006-11-15, 5:43 AM #18
Originally posted by GhostOfYoda:
An admin tool/script to delete all posts by a specific user, and ban the user would be a cool quick way of dealing with a bot. As long as there are safety checks so a real user doesn't get accidently obliterated.


If we'd get updated to 3.6 this would be possible. A quick search for all posts by the user allows you to delete all their posts in no time at all.

3.6 is so much better than 3.0 it scares me, really. Plus the AJAX posting is absolutely awesome.

And there's also a mod for 3.6 that allows a registration field to ask random questions that must be answered. Like "What is the capital of the United States?" or "What is 3 x 4?". Bots won't know what the heck it is, but any human could figure it out.
2006-11-15, 7:53 AM #19
[QUOTE=Cool Matty]And there's also a mod for 3.6 that allows a registration field to ask random questions that must be answered. Like "What is the capital of the United States?" or "What is 3 x 4?". Bots won't know what the heck it is, but any human could figure it out.[/QUOTE]

But all those questions are stored in the script. Someone could make a bot with all the questions and answers. :gbk:
gbk is 50 probably

MB IS FAT
2006-11-15, 7:56 AM #20
But if there's 30 questions.... Or randomized math questions...
My Parkour blog
My Twitter. Follow me!
2006-11-15, 8:19 AM #21
Not to mention that it would the first step in implementing Freelancer's suggestion for an IQ test.
the idiot is the person who follows the idiot and your not following me your insulting me your following the path of a idiot so that makes you the idiot - LC Tusken
2006-11-15, 8:25 AM #22
The capital of the U.S. is Meredith, New Hampshire right?

:ninja:
Was cheated out of lions by happydud
Was cheated out of marriage by sugarless
2006-11-15, 8:34 AM #23
Originally posted by happydud:
But if there's 30 questions.... Or randomized math questions...


it wouldn't be hard to make a script that could answer math questions either
gbk is 50 probably

MB IS FAT
2006-11-15, 8:42 AM #24
Originally posted by Jepman:
The capital of the U.S. is Meredith, New Hampshire right?

:ninja:

It's New York, you idiot.
Sorry for the lousy German
2006-11-15, 8:44 AM #25
Originally posted by Impi:
It's New York, you idiot.


Pffft it was a joke, but you're wrong moron, its Los Angeles.
Was cheated out of lions by happydud
Was cheated out of marriage by sugarless
2006-11-15, 8:47 AM #26
It's Kansas City 'cuz it's in the middle.
Warhead[97]
2006-11-15, 9:01 AM #27
I dunno about the USA, but the capital of Canada is definitely Toronto.
Stuff
2006-11-15, 9:04 AM #28
I thought it was Quebec!
Ban Jin!
Nobody really needs work when you have awesome. - xhuxus
2006-11-15, 9:05 AM #29
wtf quebec isn't even in canada dude :psyduck:
Stuff
2006-11-15, 10:30 AM #30
Originally posted by Wolfy:
So, to combat spammers and bots, you re-opened registration and made the CAPTCHA easier to bypass?

...

I thought the issue was that the CAPTCHA was impossible for even PEOPLE to read. It was really bad, still is, but at least it's readable now.
2006-11-15, 10:33 AM #31
Originally posted by kyle90:
wtf quebec isn't even in canada dude :psyduck:

:argh: :argh:
"NAILFACE" - spe
2006-11-15, 10:55 AM #32
Originally posted by Seb:
:argh: :argh:


Vive le québec! Chin chin colis!
Was cheated out of lions by happydud
Was cheated out of marriage by sugarless
2006-11-15, 10:57 AM #33
Originally posted by Jepman:
Pffft it was a joke, but you're wrong moron, its Los Angeles.

You lose. It's Ouagadougou. :o
Last edited by mb; today at 10:55 AM.
2006-11-15, 10:59 AM #34
Originally posted by Brian:
I thought the issue was that the CAPTCHA was impossible for even PEOPLE to read. It was really bad, still is, but at least it's readable now.

The issue was that the CAPTCHA was not stopping spambots. Making it easier to read only makes that issue worse :/
[01:52] <~Nikumubeki> Because it's MBEGGAR BEGS LIKE A BEGONI.
2006-11-15, 11:35 AM #35
Originally posted by NoESC:
But all those questions are stored in the script. Someone could make a bot with all the questions and answers. :gbk:


You create the questions yourself. The script doesn't come with any. And if they manage to rip the questions you created from the script on your server... well... you've got more than one issue to attend to.
2006-11-15, 11:38 AM #36
[QUOTE=Cool Matty]And if they manage to rip the questions you created from the script on your server...[/QUOTE]

You're probably called Jepman and will spend countless hours annoying Cool Matty on MSN about programming some security into your code.

Not that it happened or anything. :ninja:
Was cheated out of lions by happydud
Was cheated out of marriage by sugarless
2006-11-15, 12:45 PM #37
[QUOTE=Cool Matty]You create the questions yourself. The script doesn't come with any. And if they manage to rip the questions you created from the script on your server... well... you've got more than one issue to attend to.[/QUOTE]

What if the attacker bothers with cataloguing the questions and then runs his bot
2006-11-15, 12:52 PM #38
Then we have a compulsive idiot our hands.
2006-11-15, 1:10 PM #39
Mr. Tiberium_Empire speaks the truth. Why then bother with bots when you could spam yourself? The point of bots is to have less work.
Sorry for the lousy German
2006-11-15, 1:10 PM #40
Originally posted by Molgrew:
What if the attacker bothers with cataloguing the questions and then runs his bot


What if what if what if?

No method is fool-proof. But it would stop the browsing ones that just stumble on this site.

If a person is determined, they can just register a bunch of accounts themselves, without even using a bot. That's not the point, though.
12

↑ Up to the top!