Spacequad AntiSpam Services - Insecure sites are the spammers favorite place

Insecure sites are the spammers favorite place

Wednesday, March 05 2008 @ 06:13 PM EST
Contributed by: Michael Brusletten
Views: 127

For those that have to have a forum located on their website, it is no longer feasable to just plug and prey that everything is going to work out for you. You MUST ensure that your domain is secure from hackers and spammers taking over your site to use it as a hosting place for their SPAM postings. There are several forum scripts out on the internet today that are so insecure, that most script kiddies can have them rewritten or maybe they created a user account that was esculated to root access. From there the spammer can do just about anything they want. About ninty-five percent will just give themselves root/admin privaledges and do their damage and move on.

What has to be done is for the creators/programmers of these insecure CMS and forums to be more proactive in figuring out how to make their script and programs more secure. They have to have built in safe gaurds to help protect the site operators from these criminals that just stop by and post without any security in place. The spammers are taking full advantage of the fact that these sites are easy targets and will not stop. We've seen Government sites that have insecure software forums being abused and it could have been easily prevented. Either by including some type of varification that the user has to go thru or some type of filter that scans the new postings as they are created. We are not going to go into what forums or CMS's are insecure or secure, because this would be beyond the scope of this article and needless to say also it would put undue harm on the software groups out there that are trying to get their software more secure. The best thing you can do is basically shop around and read the forums sites of the developers. Other places to look is be doing a search on the internet to find out all about the quirks before downlaoding and installing something that your not going to be happy with later. Keep in mind, just because a a forum or CMS looks great, doesn't mean that its secure enough. The look and feel of almost all sites can and usually are customized by themes.

Some of the thing that can be done with these insecure domains is to set manual registrations for approvals before they can post. Also setup an email address for anyone that runs into problems with spammers on the spammed sites. This way there would be a place for people to report this type of crime.

If your concerned about your current forum or CMS, then please do yourself a favor and start looking into getting a new or updated version as these spammer are relentless in their endevors to try and post their vial junk ads on your site.

Take our site here for example, we allow anyone to post as long as they do it legitly and not by using some type of auto robot poster. The safe gaurds we have in place are the captchas, spam detection routines like bad behavior and spam-x. Registration allows you to post without having to go thru captcha but the post still has to go thru the other filters. We have not had a spam problem in few years now and are happy about how we have things setup.

One last thing. If your happy with your setup and are not having issues with spammers clogging and using your resources, then stick with it. However, if you find that your being attacked more than you should be, then PLEASE, take the time to get the needed updates or go with other software that can deliver on security. Just because it has a nice wrapper when you downloaded it to begin with, doesn't mean that its secure. Wrappers or themes as its known, can be changed and customized to your tastes.

Trackback

Trackback URL for this entry: http://www.spacequad.com/trackback.php/Insecure_sites_are_the_spammers

Insecure sites are the spammers favorite place | 1 comments | Create New Account

The following comments are owned by whomever posted them. This site is not responsible for what they say.

Insecure sites are the spammers favorite place

Authored by: Michael Brusletten onThursday, March 06 2008 @ 03:43 PM EST

Shortly after the initial article was posted I decided to look up one of the forum sites that puts out the software thats been causing problems with the spam postings. After finding the correct site to see what was going on, I figured I'd read as much as I could about their exploits that they are having difficulties in closing up. After finding out that they really didn't have a good mod or plugin for combatting spam, I decided to post a message with a possible solution for what they could do to get this problem fixed before their next release.

After waiting a few hours to see if anyone else had read the post I had made or even a reply maybe. To my surprise, the post was deleted off of their forum. There wasn't anything obtrusive or bad about the posting I had made. So the only thing I can think of is that the programmers are not willing to hear new ideas for solutions. I was going to be hessitant in mentioning this forum software that is so insecure out of the box, but after being blown away by the developers actions, I will mention them here. People, if your looking for a forum software that looks nice but full of security bugs, then Snitz Forums 2000 is for you. Don't come crying back to us because I didn't warn you about the potential problems.

So far I've been able to find over 200 sites that have been spammed and 14 that have actually been hacked. Now the sites that have been hack may not have been the fault of Snitz with their programming, but sure doesn't lend credance to my findings in the antispam circles. So my thoughts, stay away from this software until they get their act cleaned up.

---
You have the right to say whatever wish.
But just as you may not open my door to say it, you also may not put it in my email box. Your Spam stops at my firewall!

[ Reply to This | # ]

Insecure sites are the spammers favorite place

What's Related

Story Options

Trackback