This attack is hard to prevent. We have a ton of anti-spammer type controls in place here that work pretty well. There are hundreds (some days thousands) of attempts to sign up new accounts. All of those are validated through anti-spam databases. Even after someone gets past that, their first few posts have a pretty stringent spam filter, so it catches them before it is shown to others, and they can be easily deleted.
But - just the process of attempting to log in, it's hard to block ahead of time. Yes, I can list any individual IP address or network to be blocked to the forum, but it becomes an unwinnable game of whackamole. I haven't seen a dupe IP yet in the hundreds of notifications I've looked through. And there is no provision for vBulletin to dynamically check an IP before even allowing it to attempt to log in, against the known spammer addresses. It can maybe be done at the server level, through mods to apache, but again, it needs to be dynamic and updated automatically, or it is pointless.
|