LameA__ "PHP website anti-hacking, anti-exploit and anti-spam scri_pt"

[emanmb]

Living now in Bangkok things on the internet have changed for me. Sites are blocked by Thai censors, sites don't work that are in the US and now I've run across this dork who's selling a "PHP website anti-hacking, anti-exploit and anti-spam scri_pt" and unfortunately people are using it and blocking me with that!

I tried to access a site (http://lightzoneproject.org/) for their software which was recommended to me, and was greeted by this lovely message.

http://i190.photobucket.com/albums/z210/em...28at10624AM.png

There is no recourse, no way to communicate with the site to let them know I am being blocked, nor anyway to let them know the product they bought is sh**.

So I went to the makers website www.spambotsecurity.com/zbblock.php‎ and of course I get the same lame-a__ message so I can't even contact him.

So I found a youtube video promoting this junk and posted my complaint there as there is no other way to get to them. I use True Internet Thailand, probably the largest ISP here and my IP is 115.87.125.158.

Here is the discussion.

Me: I tried going to one of your client's sites yesterday and was greeted by a lovely message claiming I was a bothost. I use True Internet Thailand. I then went to whatismyipaddress and checked my IP (124.120.244.150) and found that 95%+ found my IP to be NOT blacklisted. I don't know if it is your product or poor implementation by the site owners/builders, but having to access a site via Tor browser just to view it is BS usually reserved for getting around censors.

Me: I just tried to go to your site spambotsecurity and got the same message saying 403 I am a bothost. Great job guys in blocking non-spamming non-blacklisted IP's.

Him: Just do a google search on "asianet.co.th spam" and see what turns up.

Due to personal experience with spam from that ISP, and the fact they were listed as rfc-ignorant at the time the block against them was instituted, the block remains in effect. HOWEVER:

1. Webmasters can set a trouble-ticket email address in the scri_pt if they so desire.

2. In the ZB Block Manual, there is concise instructions on how to bypass anything around a block.

Him: Sorry, but I forgot to mention I have records of hacks coming from your ISP too. I don't give a whit what other blacklists say, most of my scri_pt is my own, and my users research & experience.

Me: That does a legit user trying to access a global site absolutely no good whatsoever as any communication with the blocked site is blocked.

I don't know who "asia/co/th" is as my ISP is True Internet Co and your "not giving a whit" has blocked, if my experience is mirrored by other True customers, the largest ISP in Thailand for a site (lightzoneproject DOT o r g) that needs to have a global reach as they provide software. Presently there is no way to reach it thanks to your approach....

Me: ...nor can I reach your site to try to rectify the issue. This leaves a legit user trying to access a global site where?

I hate spam as much as the next person but this person/company is, as they say here in Thailand, oVER! They're short changing their clients and blocking legitimate users from accessing their sites.

Argggh! Stymied by the club-fisted approach to internet security!

I did a blacklist search on my IP and here's the screen shot of that.

http://i190.photobucket.com/albums/z210/em...8at114359AM.png

[Edit] img tags converted to links. NO EXTERNAL IMAGES thanks - http://forum.spamcop.net/forums/index.php?...E=01&HID=18

[Farelf]

Sympathy - not that many would ponder it, now you would have an inkling of why the former Australian "Minister for Broadband, Communications and the Digital Economy" (AKA Conjob) was so reviled by so many for so long - http://en.wikipedia.org/wiki/Internet_cens...ip_in_Australia - and why his successor will be similarly unloved. Thailand is a far more extreme case from the sound of it.

Truth is, there is (some degree of) censorship everywhere or, where there isn't, the absence is likely simply to facilitate more effective covert surveillance and/or government/agency "sting" operations in the unending "war against terrorism", "war against child pornography", "war against international crime", "war against illegal arms dealing" or whatever other unassailable and virtuous reasons might be given when "they" the instigators are caught in the spotlight - over either censorship or surveillance.

Any fool can can quote out of context and just to prove it I shall

... Now that this secrecy is often serviceable to a dominion, no one can deny; but that without it the said dominion cannot subsist, no one will ever prove. But, on the contrary, to entrust affairs of state absolutely to any man is quite incompatible with the maintenance of liberty; and so it is folly to choose to avoid a small loss by means of the greatest of evils. But the perpetual refrain of those who lust after absolute dominion is, that it is to the essential interest of the commonwealth that its business be secretly transacted, and other like pretences, which end in the more hateful a slavery, the more they are clothed with a show of utility.

(Baruch de Spinoza - Political Treatise, 1677).

Needless to say, those speaking out against either/both censorship and surveillance become suspected terrorists, paedophiles, whatever. The "genuine articles" are of course never going to draw such attention to themselves nor even, one would think, would they rely at all on the mainstream of the internet or other electronic media unless really stupid. So, the rest of us suffer for the sake of (maybe) apprehending (after the event) a few low-hanging fruit on the tree of criminality.

"O brave new world," eh?

PS - (ummm ... the main point actually, sorry, got carried away) if you can reach www.stopforumspam.com and register there you could talk to zaphod, the regular member there who seems to be the ZB Block - spambotsecurity.com author. Your IP address is not currently blocked by SFS so presumably you can join the forum there and raise your concerns either in public or by personal message (if anti-spamming controls there permit PMs on first joining, I dunno offhand).

[Farelf]

Oh, and have a look at http://www.hotspotshield.com/ (for US expats) or http://www.expatshield.com/ for UK expats, if you can reach them.

[emanmb]

US expat I am, so I went to hotspotshield and was greeted with this!

http://i190.photobucket.com/albums/z210/em...0at124151PM.png

This is how Thai censors greet you. By using http://proxypage.net/ I can get to it. For some reason Tor failed on that site.

www.stopforumspam.com lets me in so I'll have a look 'round, thanks!

It's frustrating enough when Thai censors block you but when over-zealous spam filters get you it just adds to it.

Oh, and have a look at http://www.hotspotshield.com/ (for US expats) or http://www.expatshield.com/ for UK expats, if you can reach them.

[Edit] As said in first post edit - NO EXTERNAL IMAGES, thanks. Img tags converted to link.

[zaphod]

To quote my reply on YouTube:

The site owner did not activate the trouble-ticket system wherewith you would have had an email link to air your problem. I personally would send an email to webmaster[at](the domain of the site) to have them contact me for a bypass to that signature.

But I will also posit to my users that this signature be dropped, as apparently there are humans on that network. But to be honest, the chances are pretty slim they will. Your ISP is known to be spammer/hacker friendly.

When an ISP is repeatedly responsible for spam & hacks, and has very few, if any, actual people visit from it, most of my users (the site owners) want it "thrown under the bus". Those who stay in contact about how to use our scri_pt, in the forums, know there is a trouble-ticket system so we can pay special attention to the few that are blocked wrongly, and make adjustments. The site you were trying to reach does not have said system. And even at that, I rarely have time to check my own.

I go to posit removal of asianet.co.th to my users (this has been part of ZB Block since 2009/2010) from the banned ISP list.

Thanks for your patience.

Zap

P.S. It's really hard to short-change my users for the software, as none of them bought it. It's GNU/GPL V.2 .

[emanmb]

Thanks for any help. I understand the predicament, yet the execution leaves no recourse for a legit person wanting access.

Some message like, "if you feel you've reached this page in error, please contact blablabla w/your IP in the subject" or some such way of filtering out the spam that will probably result just from having any kind of contact info available.

The scri_pt is effective obviously. To make a site impervious to any method of contact makes the user/site seem "unfriendly" in an accusatory kind of way. Maybe 99.999% of the people/bots that reach that message are deserving, I don't know.

To quote my reply on YouTube:When an ISP is repeatedly responsible for spam & hacks, and has very few, if any, actual people visit from it, most of my users (the site owners) want it "thrown under the bus". Those who stay in contact about how to use our scri_pt, in the forums, know there is a trouble-ticket system so we can pay special attention to the few that are blocked wrongly, and make adjustments. The site you were trying to reach does not have said system. And even at that, I rarely have time to check my own.

I go to posit removal of asianet.co.th to my users (this has been part of ZB Block since 2009/2010) from the banned ISP list.

Thanks for your patience.

Zap

P.S. It's really hard to short-change my users for the software, as none of them bought it. It's GNU/GPL V.2 .

[zaphod]

Actually, on my site, I did have the trouble ticket system on. There should have been a line that looked like this:

The webmaster of this site has decided to provide you with an e-mail link to start a trouble ticket about this block.

Please do not change the beginning of the subject line, nor the preamble of the body text.

Click HERE to start a trouble ticket.

That link would have sent you to your e-mail client and pre-filled any pertinent data needed to confirm, or write a bypass for you on the block.

But... that's all beside the point.

So far, on my site, there is one vote for removal, and I am remaining neutral.

As of now, on SpambotSecurity (dot) com, your access should be re-enabled. Until the lot decides, it's a provisional removal.

Zap

[zaphod]

And the removals have it.

As of beta-signature release 74c , your ISP will be on probationary pass.

The signature will be kept, but commented out in signatures.inc .

It will be up to the site owners to update to 74c and remove your IP from ippbdb.csv , but the ban will be lifted.

Zap

P.S. Just released said update. The notice and download link is at: http://www.spambotsecurity.com/forum/viewt...;p=14146#p14146

[emanmb]

That is very cool zap.

My hope is that by doing so it won't open a floodgate of spam causing problems for your users and make me look like a horse's patoot.

Much appreciated and your users are lucky to have such a responsive supplier.

e

And the removals have it.

As of beta-signature release 74c , your ISP will be on probationary pass.

The signature will be kept, but commented out in signatures.inc .

It will be up to the site owners to update to 74c and remove your IP from ippbdb.csv , but the ban will be lifted.

Zap

P.S. Just released said update. The notice and download link is at: http://www.spambotsecurity.com/forum/viewt...;p=14146#p14146