Posts: 638
Threads: 9
Joined: Feb 2003
My brother asked me for a good place to find info about instances, and I ponted him to the Amazon Basin wiki pages. A few minutes later he asked me where the heck had I sent him, so I checked the link myself:
http://wiki.theamazonbasin.com/index.php/Main_Page
(For future reference: All it shows is a bunch of links to some plishing/scam/spam site, haven't actually clicked the links to see where they go but they're obviously spammy in nature).
So, just a heads up and wondering what happened :)
Posts: 741
Threads: 71
Joined: Jul 2005
I went and replaced it with the last version of the webpage. Man. Some people.
Posts: 638
Threads: 9
Joined: Feb 2003
10-20-2005, 07:16 PM
(This post was last modified: 10-20-2005, 07:36 PM by Walkiry.)
Tuftears,Oct 20 2005, 07:57 PM Wrote:I went and replaced it with the last version of the webpage. Man. Some people.
[right][snapback]92783[/snapback][/right]
Good show.
Also, I think you guys should check who made the changes, as it can mean a few things:
1. Someone in the AB decided to cash in some spam cash (unlikely).
2. Someone cracked the server (less unlikely, but not very likely).
3. Someone is using a weak password and the spammer got in that way (the most likely).
4. Someone has a trojan in their computer has is leaking usernames/passwords (less likely, as these are usually done to get credit card numbers and bank logins and such).
EDIT: After reading this again, let me clarify that I was just suggesting that an account may be compromised and is worth checking, not trying to tell the folks at the AB what they have to do ^_^
Posts: 741
Threads: 71
Joined: Jul 2005
Actually the wiki is free-registration so all anyone has to do is create a user... They're on record, but a wiki administrator will have to ban their IP address.
Posts: 638
Threads: 9
Joined: Feb 2003
Tuftears,Oct 20 2005, 08:44 PM Wrote:Actually the wiki is free-registration so all anyone has to do is create a user...
[right][snapback]92788[/snapback][/right]
Ah! I though it was more restricted. Now my post looks silly ^_^
Posts: 97
Threads: 0
Joined: May 2005
This has actually happened a few times. It's unfortunate, but that's what you get with an open document like this... some strangers will pop by and contribute, and some will deface it.
Posts: 1,201
Threads: 22
Joined: Feb 2003
Tuftears,Oct 20 2005, 02:57 PM Wrote:I went and replaced it with the last version of the webpage. Man. Some people.
[right][snapback]92783[/snapback][/right]
Looking there, 2 hours after you fixed the spam on the first page, it was changed back to spam on the main page againby another user name. From that, I would say that there needs to be a better form of registration in place to be allowed access to modifing those pages. Apparently at least, its only the main page that is being changed to this spam crap. I suspect that it is from some bot going around to any wiki site that has poor security in place for access.
Posts: 97
Threads: 0
Joined: May 2005
Well, we also have a complete stranger on another server who contributed an awful lot to our ZG section, so I don't know that stronger security is the answer. Luckily, wikis are made so that it's easy to revert to a prior version of the page.
Posts: 1,201
Threads: 22
Joined: Feb 2003
martini,Oct 21 2005, 12:16 PM Wrote:Well, we also have a complete stranger on another server who contributed an awful lot to our ZG section, so I don't know that stronger security is the answer. Luckily, wikis are made so that it's easy to revert to a prior version of the page.
[right][snapback]92846[/snapback][/right]
Sign up schemes that require a 15 minute to 1 hour delay before using will not usually deter anyone that has a legitmate desire to post on a forum (or Wiki in this case. But that will usually stop any spammers from bothering to do anything since they are in need of hitting as many sites in as little time as possible; just too much trouble for most to bother backtracking to place their spam. This also holds for bots that scour for quick ones to change.
Other schemes that discourage this situation are having validation codes sent to an email address or having to type in a code read off of distorted .jpg/.gif image. These do not need to be hard for a an average user to go through, just troublesome enough to make the spammers or bots not to bother with.