FuntKlakow - Mass attack on phpBB based forums
Posted: 2006-03-22 02:46pm
http://www.issociate.de/board/post/3128 ... g_prepared_
Spread the word.The Article wrote:phpBB mass-hack being prepared (FuntKlakow-bot)?- general countermeasures
During the last few days a bot using a name FuntKlakow, has been
registering to at least hundreds (maybe thousands) of phpBB forums.
http://www.google.com/search?hl=com&q=F ... tnG=Hae&me ta=
Bot is also capable for posting to forums:
http://forum.uebimiau.org/search.php?se ... =FuntKlako w
http://www.alternativ.ro/forum/search.p ... uthor=Funt Klakow
But most on most forums the bot keeps silent.
Ok, what is a danger?
Next time the phpBB announces a critical vulnerability, the bot would
have everything ready (just a post click away) from attacking
thousands of sites/forums.
Best defence against these kinds of bot-members, might be setting up
honeypot-forums, which the search engines can find but to which there
are no permanent links from the web. When new bot-members are
detected, such would be listed at each particular forum makers
homepage.
When a bot would then try to register to a forum, the forum program
would check the user/bot inputted user-name (or other characteristics)
and if those would match to those catched by a honeypot-forums,
registerin such user detais would be eliminated ( and possible IP
banned for some time)
Juuso Hukkanen
(to reply by e-mail set addresses month and year to correct)
ps. damn <control-N> did send an early draft of this post
