Would it be possible to obfuscate the registration page a little, such as replacing the text with numeric entities, or mixing things up a little for each page view?
Overwhelming? How much more than whelming would that be exactly?
Anya ,'Touched'
Buffistas Building a Better Board ++
Do you have problems, concerns, or recommendations about the technical side of the Phoenix? Air them here. Compliments also welcome.
Tom Scola - Aug 31, 2005 6:26:45 am PDT #471 of 4671
Mr. Scola’s wardrobe by Botany 500
DXMachina - Aug 31, 2005 6:35:27 am PDT #472 of 4671
You always do this. We get tipsy, and you take advantage of my love of the scientific method.
I think all we really need to do to fight this particular script is just reject any user names or e-mail addresses that contain "@buffistas.org."
§ ita § - Aug 31, 2005 6:36:00 am PDT #473 of 4671
Well not canonically, no, but this is transformative fiction.
Would it be possible to obfuscate the registration page a little, such as replacing the text with numeric entities, or mixing things up a little for each page view?
Well, the attack is meant to hit e-mail form pages, which is one reason it's not working so well on the reg page. I don't think they mean to be registering. Obfuscation wouldn't be of further help.
DXMachina - Aug 31, 2005 6:37:38 am PDT #474 of 4671
You always do this. We get tipsy, and you take advantage of my love of the scientific method.
Which also makes me wonder why they haven't gone after www.buffistas.org/email.php.
§ ita § - Aug 31, 2005 6:42:46 am PDT #475 of 4671
Well not canonically, no, but this is transformative fiction.
Maybe it is obfuscated? I have no idea. It's not the brightest attack.
Consuela - Aug 31, 2005 7:25:40 am PDT #476 of 4671
We are Buffistas. This isn't our first apocalypse. -- Pix
reject any user names or e-mail addresses that contain "@buffistas.org."
So... they're trying to register as a Buffista with a Buffistas address? that... doesn't make a lot of sense.
§ ita § - Aug 31, 2005 7:26:51 am PDT #477 of 4671
Well not canonically, no, but this is transformative fiction.
Script kiddies never make sense -- it's not a person, probably, just a bot.
§ ita § - Aug 31, 2005 9:45:52 am PDT #478 of 4671
Well not canonically, no, but this is transformative fiction.
DX, the code should now block both usernames and registration addresses with buffistas.org in them.
DXMachina - Aug 31, 2005 9:55:59 am PDT #479 of 4671
You always do this. We get tipsy, and you take advantage of my love of the scientific method.
Cool. Now, if we could just flood the originating IP with messages that all say "GET OUT! GET OUT! GET OUT!" it'd be perfect.
Frankenbuddha - Aug 31, 2005 10:48:02 am PDT #480 of 4671
"We are the Goon Squad and we're coming to town...Beep! Beep!" - David Bowie, "Fashion"
Cool. Now, if we could just flood the originating IP with messages that all say "GET OUT! GET OUT! GET OUT!" it'd be perfect.
Water. Out. My. Nose.