https://idmfullversion.com/movavi-video-editor-plus-full-version/ https://idmfullversion.com/movavi-video-editor-plus-full-version/
Re: Adobe After Effects Crack
By: movavijunes1 to gaho12 on Sun Jul 03 2022 07:07 am
https://idmfullversion.com/movavi-video-editor-plus-full-version/ https://idmfullversion.com/movavi-video-editor-plus-full-version/
So it seems like someone wrote a script for synchronet bbses so they
can have a bot apply and login on the web interface and then post in the msg subs.
is it possible to add some type of challenge to trip them up?
So it seems like someone wrote a script for synchronet bbses so they
can have a bot apply and login on the web interface and then post in the msg subs.
Yup, spammers have been doing that for years.
Sure. The first question is: which web interface is/was being used?
The BBS the referenced spam came from, Boondock's El Gato de Fuego BBS (elgato.synchronetbbs.org), doesn't appear to be running any Synchronet web server on TCP ports 80 or 443 and his listing in the Synchronet BBS list doesn't specify any web server address/port, so who knows?
Re: bots // Adobe After Effects Crack
By: Digital Man to MRO on Sun Jul 03 2022 04:23 pm
So it seems like someone wrote a script for synchronet bbses so they can have a bot apply and login on the web interface and then post in the msg subs.
Yup, spammers have been doing that for years.
well i havent seen them really create an account on the web and then post.
did they do that with runmaster's web?
Sure. The first question is: which web interface is/was being used?
i think it's the ecweb.
The BBS the referenced spam came from, Boondock's El Gato de Fuego BBS (elgato.synchronetbbs.org), doesn't appear to be running any Synchronet web server on TCP ports 80 or 443 and his listing in the Synchronet BBS list doesn't specify any web server address/port, so who knows?
i talked to marisa today and they pulled the bbs down until they can talk to the person.
so i went on thewayback machine and it appears his web is on http://elgato.synchronetbbs.org:2000 ( it is down now, as i said)
so this is the runemaster web, right
https://i.imgur.com/fynL92r.png
So it seems like someone wrote a script for synchronet bbses so they
can have a bot apply and login on the web interface and then post in the msg subs.
Yup, spammers have been doing that for years.
So it seems like someone wrote a script for synchronet bbses so they
can have a bot apply and login on the web interface and then post in
the msg subs.
Yup, spammers have been doing that for years.
i think it's the ecweb.
So it seems like someone wrote a script for synchronet bbses so they can have a bot apply and login on the web interface and then post in the
msg subs.
Yup, spammers have been doing that for years.
well i havent seen them really create an account on the web and then post. di
they do that with runmaster's web?
Yup, spammers have been doing that for years.
i think it's the ecweb.
I think you might be right. As you well know, we had a similar experience here. I don't know how they got in, but for safety sake we shut down the registrations on the web. If a new user wants to register now, they will have to go through the bbs window, and register on the bbs itself.
well i havent seen them really create an account on the web and then post. di
they do that with runmaster's web?
The ones that did it here initially created an account via telnet or SSH. They even left an intelligible message to the sysop. I am not sure which interface the bot used (probably the web).
AFAICT, that is the only current way to fix it. I think there *might be*
an add-on that uses some sort of CAPTCHA to prevent bots from creating accounts. Seems like I have seen Daryl Stout talking about it before.
Re: bots // Adobe After Effects Crack
By: DesotoFireflite to MRO on Mon Jul 04 2022 06:35 am
Yup, spammers have been doing that for years.
i think it's the ecweb.
I think you might be right. As you well know, we had a similar
experience here. I don't know how they got in, but for safety sake we
shut down the registrations on the web. If a new user wants to
register now, they will have to go through the bbs window, and
register on the bbs itself.
well i guess it's both of them.
i think there's a guy who knows that we run servers that can be compromised that way and he's making scripts and putting them in some kiddy script pack or something like that.
the best way is to just disable the new user signups via the web.
Re: bots // Adobe After Effects Crack
By: Digital Man to MRO on Sun Jul 03 2022 04:23 pm
So it seems like someone wrote a script for synchronet bbses so they can have a bot apply and login on the web interface and then post in the msg subs.
Yup, spammers have been doing that for years.
Its not often that I use the "delete message" button when reading messages - but when there is obvious spam I do.
Not sure if you are aware, but if you press delete, and you are not on the last message (in a sub), then after confirming the delete, you automatically advance to the next message (in a sub).
However, if you press delete on the last message (of a sub), after you confirm the delete, you are presented with the same message. It's triped me up a few times - where pressing "delete" again actually undeletes it (without a confirmation - but that is OK).
Can you change it so that pressing delete on the last message (in a sub) acts like "next" after deleting it, and takes you out of the message area (or to the next area when you are reading new messages).
Re: Adobe After Effects CrackGuests come in at level 50, not sure why I have it set that high but
By: movavijunes1 to gaho12 on Sun Jul 03 2022 07:07 am
https://idmfullversion.com/movavi-video-editor-plus-full-version/ https://idmfullversion.com/movavi-video-editor-plus-full-version/
So it seems like someone wrote a script for synchronet bbses so they
can have a bot apply and login on the web interface and then post in
the msg subs.
is it possible to add some type of challenge to trip them up?
---
þ Synchronet þ ::: BBSES.info - free BBS services :::
is it possible to add some type of challenge to trip them up?
Guests come in at level 50, not sure why I have it set that high but
there you go. To be able to post to any group you need at least 60. I
only advance the level once the user has sent the sysop a message and I
can be pretty certain they're for real.
Guests can post in the local areas so at least they have something to
do and any spam can be easily mitigated and the account deleted and ip blocked.
If you set SCFG->Message Options->Users Can View Deleted Messages to "No", then it'll behave as you described. You won't have
the option to undelete messages using the built-in message reader, but perhaps that's what you want.
So I have that for users - but for me its not what I want.
So I have that for users - but for me its not what I want.
Okay, I just committed a change that hopefully is what you want. Let me know,
Re: bots // Adobe After Effects Crack
By: MRO to digital man on Sun Jul 03 2022 04:56 pm
Re: Adobe After Effects Crack
By: movavijunes1 to gaho12 on Sun Jul 03 2022 07:07 am
https://idmfullversion.com/movavi-video-editor-plus-full-version/
https://idmfullversion.com/movavi-video-editor-plus-full-version/
So it seems like someone wrote a script for synchronet bbses so they
can have a bot apply and login on the web interface and then post in the
msg subs.
Yup, spammers have been doing that for years.
is it possible to add some type of challenge to trip them up?
Sure. The first question is: which web interface is/was being used?
The BBS the referenced spam came from, Boondock's El Gato de Fuego BBS (elgato.synchronetbbs.org), doesn't appear to be running any Synchronet web server on TCP ports 80 or 443 and his listing in the Synchronet BBS list doesn't specify any web server address/port, so who knows?
I just disabled posting access from that QWKnet node and netmailed the sysop to fix his board before I'll restore posting privileges. --
digital man (rob)
so i went on thewayback machine and it appears his web is on http://elgato.synchronetbbs.org:2000
so i went on thewayback machine and it appears his web is on http://elgato.synchronetbbs.org:2000
Ok, that suddenly makes a lot more sense.
That was the original host that Marisa had for me. There was a major
That was the original host that Marisa had for me. There was a major malfunction and that host was trashed. I asked Marisa to fix it for me and
she rather created a new host where I dos a completely clean install.
I have no access to that host so will ask Marisa to take a look at it. Thanks for your patience.
Re: bots // Adobe After Effects Crack
By: John Dovey to MRO on Wed Jul 06 2022 02:06 pm
so i went on thewayback machine and it appears his web is on
http://elgato.synchronetbbs.org:2000
Ok, that suddenly makes a lot more sense.
That was the original host that Marisa had for me. There was a major
no, that doesnt prove where your host was running when you had attacks.
i just grabbed it from the wayback machine from some other date.
I have a conversation via email I can share with you.That was the original host that Marisa had for me. There was a major
malfunction and that host was trashed. I asked Marisa to fix it for me and
didn't you make backups?
she rather created a new host where I dos a completely clean install.
I have no access to that host so will ask Marisa to take a look at it.
Thanks for your patience.
marissa said that is your host and she disabled it when i told her about spamming. She said you didn't reply to her emails.
are you running your bbs from another host now?Yes. I thought I'd made that clear.
either way, lock it down.I have no access to the old host.
Re: bots // Adobe After Effects Crack
By: MRO to digital man on Sun Jul 03 2022 04:56 pm
Re: Adobe After Effects Crack
By: movavijunes1 to gaho12 on Sun Jul 03 2022 07:07 am
https://idmfullversion.com/movavi-video-editor-plus-full-version/
https://idmfullversion.com/movavi-video-editor-plus-full-version/
So it seems like someone wrote a script for synchronet bbses so they
can have a bot apply and login on the web interface and then post in the
msg subs.
Yup, spammers have been doing that for years.
is it possible to add some type of challenge to trip them up?
Sure. The first question is: which web interface is/was being used?
The BBS the referenced spam came from, Boondock's El Gato de Fuego BBS (elgato.synchronetbbs.org), doesn't appear to be running any Synchronet web server on TCP ports 80 or 443 and his listing in the Synchronet BBS list doesn't specify any web server address/port, so who knows?
I just disabled posting access from that QWKnet node and netmailed the sysop to fix his board before I'll restore posting privileges. --
I've been trying to find where the problem is. So far no luck.
2. Either don't allow new-user registrations via HTTP or give new users a network-posting restriction
--
no, that doesnt prove where your host was running when you had attacks. i just grabbed it from the wayback machine from some other date.
My current host is https://gatofuego.synchronetbbs.org
marissa said that is your host and she disabled it when i told her about spamming. She said you didn't reply to her emails.I have a conversation via email I can share with you.
either way, lock it down.I have no access to the old host.
2. Either don't allow new-user registrations via HTTP or give new users a network-posting restriction
--
I've set new users to 10 and access to all msg groups to >= 51
Hopefully, that will prevent future problems.
2. Either don't allow new-user registrations via HTTP or give new users a network-posting restriction
--
I've set new users to 10 and access to all msg groups to >= 51
Hopefully, that will prevent future problems.
1. Switch to use ecWebv4: http://wiki.synchro.net/config:webv4
2. Either don't allow new-user registrations via HTTP or give new users a network-posting restriction
I've set new users to 10 and access to all msg groups to >= 51
Hopefully, that will prevent future problems.
Honestly, just disable HTTP registration. It might not be a bad idea for Marissa to do that by default with her Synchronet installs. :)
Heck, it may be a good idea for that to be disabled by default in Synchronet/ecWeb with a great big warning about the potential spam issues if it's enabled. (If it's not done already)
Heck, it may be a good idea for that to be disabled by default in Synchronet/ecWeb with a great big warning about the potential spam issues if it's enabled. (If it's not done already)
really, i'm still not a fan of these web interfaces. they're slow. you can make them look however you want but they're slow. when i had my msg areas on vbulletin that was a lot better. it was fast and feature rich and usable. i had a script that would poll the msg bases via nntp and import.
really, i'm still not a fan of these web interfaces. they're slow. you can make them look however you want but they're slow. when i had my msg areas on vbulletin that was a lot better. it was fast and feature rich and usable. i had a script that would poll the msg bases via nntp and import.
vBulletin is just another web interface though, isn't it?
Also, I remember some sysops running vBulletin who had a spam problem due to users (or bots) posting on the vBulletin interface. Same issue as with ecwebv4 or the Runemaster web interface for Synchronet.
Re: bots // Adobe After Effects Crack
By: John Dovey to Digital Man on Wed Jul 06 2022 06:42 pm
2. Either don't allow new-user registrations via HTTP or give newusers DM> a network-posting restriction
--
I've set new users to 10 and access to all msg groups to >= 51
Hopefully, that will prevent future problems.
Hm... I'm not sure how well that'll work. Do you expect new users to actually be able to *use* the BBS with no access to any message groups?
Restricting *posting* privileges to networked-groups only is all that was needed and you can do that with a simple restriction flag: http://wiki.synchro.net/access:restrictions --
digital man (rob)
Also, I remember some sysops running vBulletin who had a spam problem
due to users (or bots) posting on the vBulletin interface. Same issue
as with ecwebv4 or the Runemaster web interface for Synchronet.
who was that? i only know of you, me and hax0r from unknownrealm running vbulletin with the nntp hack. if you have your shit wide open, of course you are going to have spam bots.
I've set new users to 10 and access to all msg groups to >= 51
Hopefully, that will prevent future problems.
posting spam to the messgae base. MRO cought that and alerted me. I still didn't want to punish the 90% to 95% good users that register for a few childish brats. I also looked back in my user base, and found that same person registered with many different names. I solved this issue with 2 steps, and was able to leave the system wide open to honest users.
Re: bots // Adobe After Effects Crack
By: DesotoFireflite to John Dovey on Fri Jul 08 2022 03:21 pm
posting spam to the messgae base. MRO cought that and alerted me. I
still didn't want to punish the 90% to 95% good users that register
for a few childish brats. I also looked back in my user base, and
found that same person registered with many different names. I solved
this issue with 2 steps, and was able to leave the system wide open to
honest users.
so did you check the ip address and what email address service were they using? some throw away one?
i've been trying to look for forums that are talking about how easy synchronet bbses are to compromise, but havent found anything yet.
Yup, that's already the default for ecWeb per http://wiki.synchro.net/config:w
v4
; Allow new users to register via the web interface (default: no) user_registration = false
Back when a certain fidonet board went down, there were a bunch of users looking for a new place to read the COOKING echo. I was really surprised that several of them only knew "how to BBS" via a web interface. Getting legit users like that to register via another means without instruction would be difficult.
Yup, that's already the default for ecWeb per http://wiki.synchro.net/config:w
v4
; Allow new users to register via the web interface (default: no) user_registration = false
If you don't allow web registrations, is there a screen that will give the user instructions on how to register so they can access the web interface?
Back when a certain fidonet board went down, there were a bunch of users looking for a new place to read the COOKING echo. I was really surprised that several of them only knew "how to BBS" via a web interface. Getting legit users like that to register via another means without instruction would be difficult.
I had that problem a few years back. I disallowed HTTP registrations.
I thought about allowing HTTP users to register, and then putting them
into a separate security group to be manually validated with access to
post locally only, but it just didn't seem worth it, and I wasn't sure
if I could segregate HTTP registrations off from regular BBS signups.
Honestly it probably would have been easier to create some kind of
database bridge between SMB and MySQL
vBulletin is just another web interface though, isn't it?
yeah but it's good and it's not slow. the synchronet web interface is
slow usually. vbulletin is just better all around.
who was that? i only know of you, me and hax0r from unknownrealm
running vbulletin with the nntp hack. if you have your shit wide
open, of course you are going to have spam bots.
this spamming on the synchronet web interface seems to be a lot more prominent now. like i said, i think someone knows about synchronet
and created a kiddy script for it.
Sysop: | Chris Anderson |
---|---|
Location: | Murfreesboro, TN |
Users: | 2 |
Nodes: | 4 (0 / 4) |
Uptime: | 39:56:15 |
Calls: | 58 |
Files: | 3 |
Messages: | 20,289 |