phpBB mass-hack being prepared (FuntKlakow-bot)? - general countermeasures
[quote]During the last few days a bot using the name FuntKlakow has been
registering on at least hundreds (maybe thousands) of phpBB forums.
FuntKlakow - Google Search
The bot is also capable of posting to forums:
[url]http://forum.uebimiau.org/search.php?search_author=FuntKlakow[/url]
[url]http://www.alternativ.ro/forum/search.php?search_author=FuntKlakow[/url]
But on most forums the bot keeps silent.
OK, what is the danger?
Next time phpBB announces a critical vulnerability, the bot would
have everything ready (just a post click away) for attacking
thousands of sites/forums.
The best defence against these kinds of bot-members might be setting up
honeypot-forums, which the search engines can find but to which there
are no permanent links from the web. When new bot-members are
detected, they would be listed at each particular forum maker's
homepage.
When a bot then tries to register at a forum, the forum program
would check the user-name entered by the user/bot (or other characteristics),
and if those match those caught by the honeypot-forums,
registering with such user details would be eliminated (and possibly the IP
banned for some time).
[/quote]
More comments here:
[url]http://www.digg.com/security/phpBB_mass_hack_being_prepared_[/url]
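
The registration check proposed in the quoted post, written out as an added example (not part of the original post and not phpBB code). The names `HoneypotFilter` and `normalize`, the 24-hour ban length and the plain list of honeypot-caught names are assumptions; the name is normalized so that variants such as "Funt Klakow" still match "FuntKlakow".

```python
import time
import unicodedata

BAN_SECONDS = 24 * 3600  # assumed ban length; the post only says "for some time"


def normalize(name: str) -> str:
    """Fold case, accents, spacing and punctuation so trivial variants collide."""
    folded = unicodedata.normalize("NFKD", name).casefold()
    return "".join(ch for ch in folded if ch.isalnum())


class HoneypotFilter:
    def __init__(self, honeypot_names, ban_seconds=BAN_SECONDS):
        # Names that registered on honeypot forums, as published by the forum maker.
        self.blocked = {normalize(n) for n in honeypot_names}
        self.ban_seconds = ban_seconds
        self.banned_until = {}  # ip -> unix time at which the ban expires

    def check_registration(self, username, ip, now=None):
        """Return (allowed, reason) for one registration attempt."""
        now = time.time() if now is None else now
        expiry = self.banned_until.get(ip)
        if expiry is not None:
            if now < expiry:
                return False, "ip temporarily banned"
            del self.banned_until[ip]  # ban has run out
        if normalize(username) in self.blocked:
            self.banned_until[ip] = now + self.ban_seconds
            return False, "username seen on honeypot forum"
        return True, "ok"


if __name__ == "__main__":
    # Constructed sample attempts; IPs are documentation addresses.
    f = HoneypotFilter(["FuntKlakow"])
    for user, ip, t in [
        ("Funt Klakow", "192.0.2.10", 0),
        ("alice", "192.0.2.10", 60),
        ("alice", "192.0.2.10", BAN_SECONDS + 1),
        ("alice", "198.51.100.7", 60),
    ]:
        print(user, ip, f.check_registration(user, ip, now=t))
```

The temporary IP ban also blocks legitimate users who share that address until it expires, which is why the ban is time-limited rather than permanent.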