rohan
07-08-2006, 06:53 PM
Recently a bot using the name FuntKlakow, has been registering to at least hundreds (maybe thousands) of phpBB forums. It is susspected that the bot will take advantage of an exploit in phpBB froums, that might not be known yet. In other words the next time phpBB announces a critical vulnerability, the bot would have everything ready (just a post away) from attacking thousands of sites/forums.
The Defence
Best defence against these kinds of bot-members, might be setting up honeypot-forums, which the search engines can find but to which there are no permanent links from the web. When new bot-members are detected, such would be listed at each particular forum makers homepage.
When a bot would then try to register to a forum, the forum program would check the user/bot inputted user-name (or other characteristics) and if those would match to those catched by a honeypot-forums, registerin such user detais would be eliminated ( and possible IP banned for some time)
Source (http://www.issociate.de/board/post/312809/phpBB_mass-hack_being_prepared_)
The Defence
Best defence against these kinds of bot-members, might be setting up honeypot-forums, which the search engines can find but to which there are no permanent links from the web. When new bot-members are detected, such would be listed at each particular forum makers homepage.
When a bot would then try to register to a forum, the forum program would check the user/bot inputted user-name (or other characteristics) and if those would match to those catched by a honeypot-forums, registerin such user detais would be eliminated ( and possible IP banned for some time)
Source (http://www.issociate.de/board/post/312809/phpBB_mass-hack_being_prepared_)