OddOne's White LED Info just got a major upgrade!

OddOne

Enlightened
Joined
Mar 5, 2003
Messages
495
Greetings flashfreaks!

It's me, back on the attack after a bit of a hiatus born of way too much work. I got Sasha's okay to drop a little morsel of news regarding my LED website.

The news is that OddOne's White LED Information has been HEAVILY upgraded. (URLs in my sigline.)

The site was until today using PHPnuke (a popular open-source CMS), but I was having really bad problems with adbots and skript kiddies running roughshod over my site by way of security vulnerabilities and exploits in PHPnuke. So, I replaced PHPnuke with GSE, a website engine I've been working on for my software company. GSE's much more security-centric (it'll tell me WHAT security breach was tried, who tried it, how many times they tried it, and autobans after X number of attempts to break in) than PHPnuke was, and that let me turn stuff back on that I had to turn off before. It's funny how many adbots I've been watching bounce off the site since the engine change!

I've copied over all of the articles from the old OWLI, but user accounts don't translate so it's a clean slate there. So, folks that had accounts might want to drop by and cook up a new one real quick. Folks that have contributed content might also want to let me know what their old username was, or use the same user and E-mail address as their old, so that I can grant authoring access.


Also, I'm restating my open invite for CPFers to contribute writeups for OWLI. As long as it relates to LED tech in some manner it's probably apropos to OWLI. And, I can extend authoring capacity to folks that want to do regular or semi-regular article submissions - the site's administration backend uses the Xstandard WYSIWYG editor plugin, so making page content's rather easy and the resulting page is standards-compliant so non-browser apps and equipment (WAP-capable cellphones, Braille terminals and page readers for the blind, etc.) can access/display the content.

That's all for now... We now return you to the previous program, already in progress...

oO
 

greenLED

Flashaholic
Joined
Mar 26, 2004
Messages
13,263
Location
La Tiquicia
I was wondering where you had gone. Yours was one of the first sites I visited when I decided to start modding stuff. :twothumbs
 

OddOne

Enlightened
Joined
Mar 5, 2003
Messages
495
To give an idea how badly PHPnuke sites get pounded by adbots, I've got over 50 referrers in my list that are derivatives of poker website URLs. In the past HOUR. I'm modifying my stats code to let me peer into where the bots are coming from host-wise, so that I can start banning them en masse. :mad:

Most of the articles on the old sites had at least five comments each that were nothing but long bunches of links to poker sites, etc. If only there was a way to destroy the bots remotely...

I'm waiting with bated breath to see who trips the security monitor first and gets banned by the site engine. :popcorn:

oO
 

IsaacHayes

Flashlight Enthusiast
Joined
Jan 30, 2003
Messages
5,876
Location
Missouri
Wow, I wasn't aware of adbots that post advertising stuff in comments forms. That's just really low-life and ignorant! How rude!! But I guess it's not that surprising. I wish that the internet was back like it was in the early 90's, where it wasn't ruined by a-holes!

I'll definitely have to come back and check out the site some more. I haven't been there in a while!
 

OddOne

Enlightened
Joined
Mar 5, 2003
Messages
495
Just activated the engine's picture gallery system so folks will be able to submit pics of their creations and show 'em to the world.


IsaacHayes said:
Wow, I wasn't aware of adbots that post advertising stuff in comments forms. That's just really low-life and ignorant! How rude!! But I guess it's not that surprising. I wish that the internet was back like it was in the early 90's, where it wasn't ruined by a-holes!

I'll definitely have to come back and check out the site some more. I haven't been there in a while!

Oh yes, they are. I know of one bot designed specifically for phpBB that will create an account and post messages into the board with contextually nonsensical Engrish questions (which made it easy to spot) and ads in the sigline. It even quotes the random message it's replying to.

And since it's written FOR phpBB it infiltrates by doing what a regular user would - creating a VALID account, authenticating it, and then posting through the normal post mechanisms of the forum software. It would even properly respond to captcha images (the "type the security code" part).

I found a way of dealing with that one though. Since it always uses "nopass" for a password I wrote a little PHP script that checked the user table for the hash for "nopass" (as passwords are not stored in plaintext form), pulled out the IPs that user account came in on, and added all of them to the ban list. I cronned it to run at 2 AM every day and voila, THAT adbot issue was dealt with on its own. :D

oO
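
The nightly sweep described in the post above, as an added example that is not OddOne's script or phpBB's code. It assumes a hypothetical three-table schema and unsalted MD5 password hashes, adds an allowlist check, and runs on constructed sample data in an in-memory SQLite database.

```python
import hashlib
import sqlite3

# Hypothetical schema, constructed for this example (not phpBB's real tables).
SCHEMA = """
CREATE TABLE users   (id INTEGER PRIMARY KEY, name TEXT, pw_hash TEXT);
CREATE TABLE logins  (user_id INTEGER, ip TEXT);
CREATE TABLE banlist (ip TEXT PRIMARY KEY, reason TEXT);
"""

def md5_hex(password):
    # Assumption: the board stores unsalted MD5 hex digests.
    return hashlib.md5(password.encode()).hexdigest()

def sweep(db, marker_password="nopass", allowlist=()):
    """Ban every IP used by an account whose stored hash matches the marker."""
    marker = md5_hex(marker_password)
    rows = db.execute(
        "SELECT DISTINCT l.ip FROM users u JOIN logins l ON l.user_id = u.id "
        "WHERE u.pw_hash = ? ORDER BY l.ip", (marker,)).fetchall()
    already = {ip for (ip,) in db.execute("SELECT ip FROM banlist")}
    banned = []
    for (ip,) in rows:
        if ip in allowlist or ip in already:  # skip trusted and known IPs
            continue
        db.execute("INSERT INTO banlist (ip, reason) VALUES (?, ?)",
                   (ip, "adbot: known marker password"))
        banned.append(ip)
    db.commit()
    return banned  # only the IPs newly banned by this run

def demo_db():
    # Constructed sample data; addresses come from documentation ranges.
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO users VALUES (?, ?, ?)", [
        (1, "alice", md5_hex("correct horse")),
        (2, "bot_a", md5_hex("nopass")),
        (3, "bot_b", md5_hex("nopass")),
    ])
    db.executemany("INSERT INTO logins VALUES (?, ?)", [
        (1, "192.0.2.10"),
        (2, "198.51.100.7"), (2, "198.51.100.8"),
        (3, "198.51.100.7"), (3, "203.0.113.5"),
    ])
    return db

if __name__ == "__main__":
    print(sweep(demo_db(), allowlist={"203.0.113.5"}))
```

Matching on a stored hash only works while hashes are unsalted; with per-user salts the marker password has to be verified against each account's hash instead.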
 

OddOne

Enlightened
Joined
Mar 5, 2003
Messages
495
My GOD the site's getting pounded. Several thousand hits from bots alone, and another several thousand from actual visitors...

oO
 

OddOne

Enlightened
Joined
Mar 5, 2003
Messages
495
A couple weeks later...

Thus far I've stopped several thousand adbots and thwarted over 100 active attempts to compromise site security. Most of the efforts to break in were trying various PHPnuke/phpBB exploits (mainly SQL injections, with a few session hijacks thrown in for good measure), but a few were cases of someone deliberately working to pry a joint in the armor. One very persistent skript kiddie's bot set to autopilot tried ColdFusion exploits on roughly half-hour intervals for a solid day.

One of the site engine's modules (simply named GSE Integrated Security) slammed the door shut on them all, after logging the gory details for my own amusement. The perpetrator of the ColdFusion exploit attempts was autobanned about two hours into his day-long hackathon, and the engine ignored everything he sent after that.

Also, as of this point, no adbot has successfully penetrated the site. The 30 most oft-seen offenders got added to the engine's redirector (which can point a client to a specific page - in this case, adbots to the "banned" page) and they all dropped off the visitors list. Adbot-free at last!


It's almost time to get some new articles written up! :D

oO
 

The_LED_Museum

*Retired*
Joined
Aug 12, 2000
Messages
19,414
Location
Federal Way WA. USA
My website about an infomercial vacuum occasionally gets its guestbook spammed en masse by websites for online poker, Texas Hold Them, casino slots, and similar horse puckey. On a website about a vacuum cleaner...on a site with relatively little traffic. :mad:

Even when I removed the guestbook for a while, these messages would appear in it - smells like "adbot" to me.
 

OddOne

Enlightened
Joined
Mar 5, 2003
Messages
495
tvodrd said:
:wave: oO

Larry

Back atcha. :wave: :grin2:


The_LED_Museum said:
My website about an infomercial vacuum occasionally gets its guestbook spammed en masse by websites for online poker, Texas Hold Them, casino slots, and similar horse puckey. On a website about a vacuum cleaner...on a site with relatively little traffic. :mad:

Even when I removed the guestbook for a while, these messages would appear in it - smells like "adbot" to me.

Yep, that'd be adbots. If it can log in - or better, doesn't have to - in order to drop a steaming pile of freshly excreted advercrap, it will.

oO
 