[unisog] web spam

power less absolutelynopower at gmail.com
Sun Jul 8 19:02:00 GMT 2007


I did a little investigating around our part of the google search repository
and found that plenty of spamming
has gone on as Sans pointed out: (try filetypes besides html eg php,
shtml...)
http://isc.sans.org/diary.html?storyid108

Besides blogs and wikis getting spammed into oblivion it looks to me like
some kind of server vulnerabilities are exploited.
Regarding the former, has someone come up with some good drop in solutions
for protecting against comment spam? This is way too many steps for a drop
in
solution :-)
http://www.boutell.com/newfaq/creating/captcha.html

http://en.wikipedia.org/wiki/Captcha
http://www.thepcspy.com/kittenauth
http://www.gigoit.org/humanauth/

Also everyone isn't running a php based web site.

But then I came upon this one:
http://research.microsoft.com/asirra/
Now that's more like it. I'm talking about *how* they did it, what the web
master has to do to use it. This strikes me as much more
platform/environment independent than many other solutions.   I'm aware that
there are possible technicalities about whether some spammer could download
all the images. But I wonder if the methodology is good enough to be
implemented at edu institutions for their own purposes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.sans.org/pipermail/unisog/attachments/20070708/5cbf141c/attachment.htm 


More information about the unisog mailing list