FuntKlakow

spaceman · Posted: 3/17/2006, 3:31 pm Post subject: FuntKlakow

Got a user of this name? One such has just registered on mine. I was a bit suspicious as the board is new and the name so unusual so I tried googling it. 1 of the results I got was:
http://www.gyptis.org/modules.php?name=Newsportal&op=article&id=21061&group=comp.security.misc

Ex0dus · Posted: 3/17/2006, 5:20 pm Post subject:

If it really is such a danger, just delete it =/

Then start taking all kinds of bot preventive measures to protect yourself from bots in general. I dont have this one on my forum =/

-Ex0dus

Truestar · Moderator

area51.phpbb.com was talking about this, almost every reply was an admin with this guy registered. I also have him on my board.

Do bots post? Because this guy does.

Oh well, time to delete him! Smile

_________________
Truestar
Xbox Live: xTruestarx
Visit phpBBhacks.com for your phpBB templates, graphics, and modifications
Visit ManagingCommunities.com for tips on running a forum. Get advice from site management to the politics of running a forum.

Niksa · Posted: 3/22/2006, 1:51 am Post subject:

I'd delete him.

Everything I've read shows it's bad news. Supposedly a bot that has over 40k registrations. Apparently waiting for the "next huge phpbb exploit". :/

Ex0dus · Posted: 3/22/2006, 6:01 am Post subject:

We may not have to wait too much longer on that one. One of my users reported that his forum got hacked and the only registered user on it besides him was the bot known as funtklakow.

While its not definitive proof that it is working to break into a board or that it was successful, it is quite unnerving. He reported this just hours after the post here about it.

My personal advice is to disallow the name. This should act as a pre-emptive ban on the user. Of course you should set at least e-mail verification on as well and in general tune up your security settings. Those are just the steps i took though ^_^

-Ex0dus
_________________
The home of the Sv2 Network Forums and MetaBB!

dojo · Posted: 3/25/2006, 5:13 pm Post subject:

Got it on my movies forums. Then I read about this in a webmaster forum, deleted the user and warned my people in my own webmaster forum to keep a close eye on it
_________________
Webmaster articles, tutorials and topics

Niksa · Posted: 3/28/2006, 1:53 am Post subject:

For the people who have him on your forum, do you have Visual Confirmation on?

Truestar · Moderator

I believe I did, yes.
_________________
Truestar
Xbox Live: xTruestarx
Visit phpBBhacks.com for your phpBB templates, graphics, and modifications
Visit ManagingCommunities.com for tips on running a forum. Get advice from site management to the politics of running a forum.

Thoul · Posted: 3/28/2006, 2:29 pm Post subject:

I've gotten a couple of bots registering on my forum this week that somehow bypassed my visual confirmation, too. They weren't FuntKlakow, but one of them did try to spam my forum. It only failed because the bot accounts were set to use themes_id 1 (subSilver), which is not present on my forum.
_________________
Phantasy Star: The Fringes of Algo | phpBB Smith

Ex0dus · Posted: 3/31/2006, 2:26 pm Post subject:

If yorue talking about the default phpbb visual confirmation, it is now pretty easily breakable by bots. Thus I am changing the visual confirmation (among other things) in the next edition of my forum. I am going to be using this visual confirmation. The ponly problem with it that sometimes its so hard to read that not even people can figure out what the letters are ^_<

-Ex0dus
_________________
The home of the Sv2 Network Forums and MetaBB!