Quoting Niels Svennekj?r (suppressed): > Hi > > In some of my shops, someone have started to post all strange of > references to other url's. > > Common for all the forum postings are that > - they are related to the product > - the postings are comming from a few seperate IP's > - the IP's seems to be hacked windows computers. > - the url they are pointing to seems not to exist (remote host says > somthing about "account are closed due to abuse") > - they go directly to the forum/reply.html link > > Have other of you seen this ? > What was your countermeassures ? I see lots of this "guestbook and forum spam", mostly from rogue hosting providers like theplanet.com. I have firewalled theplanet from most of the servers I control. Another thing I do on many catalogs is have a script in Autoload which checks the user's IP address against cbl.abuseat.org or sbl-xbl.spamhaus.org (I posted it here once). That is useful for commerce sites, because many fraudulent orders come from open proxies. -- Mike Heins Perusion -- Expert Interchange Consulting http://www.perusion.com/ phone +1.765.647.1295 tollfree 800-949-1889 <suppressed> Being against torture ought to be sort of a bipartisan thing. -- Karl Lehenbauer _______________________________________________ interchange-users mailing list suppressed http://www.icdevgroup.org/mailman/listinfo/interchange-users
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.