Spamfilter for Sex Pages
Spamfilter for Sex Pages
hi all
Every Days connect a proxy User and post in a Query this Text
[19:44:46] <onzad> i saw your girlfriend on cams2006.com )
The Text is variable
Have idea for a spamfliter on Cams whit Wildcard tho Block this Text?
Sorry for my english
German:
Es connecten jeden Tag Users mit Proxy und schreiben flogendes ins Query mehreren Usern
[19:44:46] <onzad> i saw your girlfriend on cams2006.com )
Kann jemand ein Spamfilter Entwerfen auf cams mit Wildcards so dass es den ganzen Text blockt?
mfg
Every Days connect a proxy User and post in a Query this Text
[19:44:46] <onzad> i saw your girlfriend on cams2006.com )
The Text is variable
Have idea for a spamfliter on Cams whit Wildcard tho Block this Text?
Sorry for my english
German:
Es connecten jeden Tag Users mit Proxy und schreiben flogendes ins Query mehreren Usern
[19:44:46] <onzad> i saw your girlfriend on cams2006.com )
Kann jemand ein Spamfilter Entwerfen auf cams mit Wildcards so dass es den ganzen Text blockt?
mfg
Code: Select all
spamfilter {
regex "cams2006\.com";
target private;
action gline;
reason "exit.";
};
A network I visit regularly is being hit with this bot also (atleast assuming its the same bot, usually has the same host mask, with minor changes because its a dialup, so it changes on the class C end of it), but the problem is thats not the only line it, it spams multiple different sites, most likely which contain a trojan or some crap.
Its nickname and ident are always the same thing, but rotate (Always 5 letters long, seemingly 5 lower case letters that are randomized).
Its real name though however on every one is the same, simply though its just 'Real Name', but doing a full broad filter or even a SGline maybe to block that would be bad, as I'm sure there are clients out there which default as that?
Its nickname and ident are always the same thing, but rotate (Always 5 letters long, seemingly 5 lower case letters that are randomized).
Its real name though however on every one is the same, simply though its just 'Real Name', but doing a full broad filter or even a SGline maybe to block that would be bad, as I'm sure there are clients out there which default as that?
Synaptic Technologies | alexisNet | Script System
- nate / synapt -
- nate / synapt -
-
- Posts: 17
- Joined: Fri Apr 01, 2005 1:31 am
- Contact:
Hallo,
We've been getting those bots too, and they have been spamming other stuff, so we just banned the entire ISP with as much other info as we could.
Here are some things I gleaned from our spamfilter logs:
I used this to spamfilter them:
We've been getting those bots too, and they have been spamming other stuff, so we just banned the entire ISP with as much other info as we could.
Here are some things I gleaned from our spamfilter logs:
Code: Select all
[email protected]:Real name
[email protected]:Real name
[email protected]:Real name
[email protected]:Real name
[email protected]:Real name
Code: Select all
/spamfilter add u gline - Spam ((?-i:[a-z]{5}))!~\1@pc[0-9]{2}\.zippcomplex\.iasi\.rdsnet\.ro:Real name
-
- Head of Support
- Posts: 2085
- Joined: Tue Jun 15, 2004 8:50 pm
- Location: Chino Hills, CA, US
- Contact:
Why not
Code: Select all
/gline 0 ~*@*.zippcomplex.iasi.rdsnet.ro Due to abulsive connections from this ISP, it is now required that users connecting from this ISP enable identd
-
- Posts: 17
- Joined: Fri Apr 01, 2005 1:31 am
- Contact:
Stealth, it is pretty rare for someone to write a good attack script that cant be spamfiltered. And even then, you can usually trapchan it or something. I dont think he has to worry about this. Unless the attacker reads here he wont know the reason his bots are found out. IMO, a spamfilter is the better solution to this until the attacker gets a brain (unlikely). Its probably a canned script anyhow, and the attacker has no idea how to do anything to it.
Why the hell can't my signature be empty?
"Your message contains too few characters."
"Your message contains too few characters."