[Mediawiki-l] Malicious content deleting bots
Jim Hu
jimhu at tamu.edu
Thu Apr 12 03:45:12 UTC 2007
From my limited experience managing a couple of bbs systems (2 phpBB
and one vBulletin), the captcha reduces but does not come close to
eliminating spammers. While I don't know for sure that these are
bots, I suspect that they are based on how they show up on the
different unrelated bbs systems at the same time even though some are
on different servers. I believe there are at least two approaches
that are known to defeat captchas. One involves image analysis while
the other involves mirroring the captcha onto a page promising free
"stuff". Alas, I imagine that vandals have access to the same
technology as spammers.
Jim
On Apr 11, 2007, at 10:07 PM, Eric K wrote:
> These bots are striking wikis everywhere. This extension should be
> made part of Mediawiki. Almost every website having public account
> creation has some sort of captcha. Image capchas are the best -
> people are used to doing that. The image capcha is there yea, but
> its harder to install. I'm just gonna do with the text captha.
>
> Here's the link everyone, protect your wikis. These bots are
> searching the net for wikis to do their damage:
>
> http://www.mediawiki.org/wiki/Extension:ConfirmEdit
>
> Thanks to Rob C. for giving this link.
>
>
>
>
>
> Tels <nospam-abuse at bloodgate.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Moin,
>
> On Wednesday 11 April 2007 18:00:57 Mike Wheeler wrote:
>> I too have noticed what appear to be malicious bots deleting content
>> from wikis over the past couple days.
>>
>> From what I have seen they delete page content starting at the first
>> ampersand through the end of the page.
>>
>> Here is one page they hit:
>>
>> http://www.archiplanet.org/w/index.php?
>> title=Notre_Dame_Cathedral&diff=550682&oldid=547840
>>
>> I have seen this on multiple unrelated wikis which do not require
>> registration for editing. In the above case it was done by a newly
>> registered user with a six character alphanumeric username, as
>> described by the first person to report this on the list. Other
>> instances have been done by unregistered users recorded only by IP
>> number:
>>
>> http://www.archiplanet.org/w/index.php?
>> title=Gunter_Behnisch&diff=550666&oldid=548133
>>
>> Thankfully they have only hit a few of our pages so far, but we would
>> obviously like to put an end to it before they do more widespread
>> damage.
>
> First steps: Allow only registered user to edit, put a captcha on
> account
> registration and require an email verification.
>
> All the best,
>
> Tels
>
>
> - --
> Signed on Wed Apr 11 20:21:14 2007 with key 0x93B84C15.
> Get one of my photo posters: http://bloodgate.com/posters
> PGP key on http://bloodgate.com/tels.asc or per email.
>
> "The campaign should combat the messages of pornography by putting
> signs
> on buses saying sex with children is not OK."
>
> -- Mary Anne Layden in ttp://tinyurl.com/6a9cy
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2 (GNU/Linux)
>
> iQEVAwUBRh1DY3cLPEOTuEwVAQIrWAf+JWbDz5cfKyql383iPefhiMY7qwIrNSrS
> HMnEIA7nnkBzTkkljWAy5h6kIruTQkb1Bt3g5WOJf9RwuM49D3BbVLQpab6hHnrr
> B4Lr3yxhrbn4/nCVr+W9qVrjZm4F0C7opPNUjHqe9Wfe/YZ6L/hiA4+/jhr4ix3t
> DGHh5u96mnXwO28sCX0OUNWnM8cKVa9CBH35og5/s7Wp9CV43rxwZM/R6hYlObz9
> hA+GvBRcEWGQY6L/NJ/f5RfYMvq/KPeNHDdIKk+MGWWo3YeNl46aejkvorW7ZLTy
> 1hW2wq9A0iB/XDp+2VxiQMZwdWA1gjVEiX3TIymQC9rtBopd29Gyng==
> =iFx8
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> MediaWiki-l mailing list
> MediaWiki-l at lists.wikimedia.org
> http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
>
>
>
> ---------------------------------
> Don't be flakey. Get Yahoo! Mail for Mobile and
> always stay connected to friends.
> _______________________________________________
> MediaWiki-l mailing list
> MediaWiki-l at lists.wikimedia.org
> http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
=====================================
Jim Hu
Associate Professor
Dept. of Biochemistry and Biophysics
2128 TAMU
Texas A&M Univ.
College Station, TX 77843-2128
979-862-4054
More information about the MediaWiki-l
mailing list