

Hi, all!

Well, I have tracked down why these people are coming to the sites and
signing up to the boards and all that fun stuff.  You can delete this message
now if this is of no interest.

I finally ran across a string on a message board detailing the issues I was
having on the phpBB installations on one of the web servers.  It appears
this is a different type of spamming attempt that is related to web page
rankings, trying to draw people to malicious or 'great offer' sites.

All of the instances in my case can be traced back to Russian addresses and
phpBB shows those entries as also being of a Russian language type.

What happens is the person signs up on the bulletin board with a false email
address and fills in the profile information. In a default phpBB
installation even those people who are not active with the board, but are
users, are listed in the user list so that all users can see them.  At this
point their work is done and they sit and wait for people to click on the
link they've placed in their profile.  They are then shuttled to the bogus
site which possibly contains spam-type promotions/products, malware or some
other nasty surprises.  By doing this they are not only luring the other
users to the site, they also use the reciprocal links which now exist in the
phpBB profile to increase their rankings in search engines which will also
drive the traffic to their sites.

Anyway, that is what has been going on.  There were no PHP-specific exploits
used in this case, only an exploitation of bad coding practices in phpBB.

Missy Koos
Webmistress & Database Developer
Student Affairs & Services
Michigan State University

113 Student Services Building
East Lansing, MI  48824
517.355.9510 x138
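
A review check for the pattern described in the message above, as an added example that is not part of the original post: it lists accounts that have never posted yet publish a website link in their profile, and groups them by link host. The table and column names follow phpBB 2's phpbb_users table as an assumption, and the sample rows are constructed.

```python
import sqlite3
from collections import Counter
from urllib.parse import urlparse

# Constructed sample rows. Column names follow phpBB 2's phpbb_users table
# (an assumption; adjust to your schema and table prefix).
SAMPLE_USERS = [
    (2, "alice", "", 42, 1, "english"),
    (3, "bob", "http://bob.example.org/blog", 7, 1, "english"),
    (4, "xk29f", "http://pills.example.net/offer", 0, 0, "russian"),
    (5, "qq81z", "http://pills.example.net/deal", 0, 0, "russian"),
    (6, "newbie", "", 0, 1, "english"),
    (7, "zz77p", "casino.example.com", 0, 1, "russian"),
]

def load(rows):
    """Build an in-memory stand-in for the board's user table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE phpbb_users (user_id INTEGER PRIMARY KEY, username TEXT, "
                 "user_website TEXT, user_posts INTEGER, user_active INTEGER, user_lang TEXT)")
    conn.executemany("INSERT INTO phpbb_users VALUES (?,?,?,?,?,?)", rows)
    return conn

def link_host(url):
    """Lower-cased host of a profile URL, tolerating a missing scheme."""
    url = url.strip()
    if "://" not in url:
        url = "http://" + url
    return (urlparse(url).hostname or "").lower()

def suspect_profiles(conn):
    """Accounts that never posted but show a website link in the member list."""
    cur = conn.execute(
        "SELECT user_id, username, user_website, user_active, user_lang FROM phpbb_users "
        "WHERE user_posts = 0 AND TRIM(COALESCE(user_website, '')) <> '' ORDER BY user_id")
    return [{"user_id": r[0], "username": r[1], "host": link_host(r[2]),
             "active": bool(r[3]), "lang": r[4]} for r in cur]

def hosts_by_count(suspects):
    """Link hosts shared by several throwaway accounts point to one campaign."""
    return Counter(s["host"] for s in suspects).most_common()

if __name__ == "__main__":
    found = suspect_profiles(load(SAMPLE_USERS))
    for s in found:
        print(s)
    print(hosts_by_count(found))
```

A zero-post account with a link is only a candidate for review, since a legitimate new member can match; a host shared across several such accounts is the stronger signal.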