[Systems] New Wiki spam
fgrose at sugarlabs.org
Fri Jul 17 10:10:31 EDT 2009
On Wed, Jul 15, 2009 at 10:32 PM, Chris Leonard <cjlhomeaddress at gmail.com>wrote:
> On Wed, Jul 15, 2009 at 10:50 AM, Frederick Grose <fgrose at gmail.com>wrote:
>> Please see the user creation log and many spam pages added on 15 July
>> 2009, http://wiki.sugarlabs.org/go/Special:RecentChanges.
>> We have this problem on wiki.laptop.org as well, see
>> Chris suggested that we may need a page creation restriction, such as
> Just to clarify, there are two dominant styles of wiki vandalism these days
> on w.l.o (and apparently now on w.sl.o).
> Style 1 (mostly on w.l.o)
> Repetitive creation of a number of specific pages in Main space containing
> only a link. These pages are created by a rotating series of anon IP
> It is this type that I think could be addressed by a page creation blocking
> tool. The same pages created are generated by some HTTP request that appears
> to be immune to normal IP blocking, very odd. The same pages are created
> over and over again. Given how fast they are created, I'm reasonably
> confident that this is being done by a bot that looks to see if these pages
> have been deleted and recreates them (with a different spammy URL) probably
> as some form of SEO link indexing spam motive.
> I've blocked a lot of anon IPs, but they just change uo, only sometimes do
> the IP addresses repeat. I've deleted the same 20-odd pages many times.
> Style 2 (on w.l.o and now most recently on w.sl.o)
> Creation of a new user with the naming pattern of
> (nnn) buy (some drug name)
> where nnn is some three digit number and the drug names vary.
> and the population of that user's page in User space with a series of
> spammy text and links.
> I have handed out a lot of infinite blocks (as these are unacceptable user
> names) and deleted a lot of pages (because the user pages are spammy), but
> this pattern represents a very large possible namespace and there are a very
> large number of possible combinations of this naming pattern.
> For this type of attack I am guessing that an improved CAPTCHA on user
> creation is needed.
> I would encourage systems and wiki-gang to collaborate on automated or
> systemic solutions to these attack types. I'd love to have a
> countervandalism bot installed (there are wikipedia examples that merit
> investigation). I've been stomp on these attacks, but it is getting sort of
> old. Any help would be appreciated. As I am soon ot be unemployed (in
> about two weeks) and fully engaged in the job hunt, it will cut into my time
> available to vandal-stomp, resulting in the build-up of the attacks I have
> been manually countering.
A variation of 2 is occurring on dev.sugarlabs.org as well,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Systems