ElkArte Community

Project Support => General ElkArte discussions => Topic started by: Joshua Dickerson on January 31, 2016, 10:20:31 pm

Title: BadBehavior
Post by: Joshua Dickerson on January 31, 2016, 10:20:31 pm
As I've said a couple of times now, I'm rewriting BadBehavior to be more object oriented, maybe fix some bugs, and add tests. Big thing is I want it to be cleaner code.

https://github.com/joshuaadickerson/BadBehavior
Title: Re: BadBehavior
Post by: Joshua Dickerson on February 01, 2016, 04:00:01 am
It would be incredibly helpful if people could post their BadBehavior log and especially helpful if I could get the access log entry (including IP, user agent, a request string) for any SPAM that gets through BB. It would be way too much to log headers but that would be awesome. Maybe I'll setup a honeypot forum for that.
Title: Re: BadBehavior
Post by: radu81 on February 01, 2016, 05:32:32 pm
I can provide any info you need if this can help, but how do I export my log? From phpmyadmin?

PM me your email address and I'll send it
Title: Re: BadBehavior
Post by: Joshua Dickerson on February 01, 2016, 05:49:30 pm
Yeah, just dump the table.
Title: Re: BadBehavior
Post by: Joshua Dickerson on February 02, 2016, 04:06:25 am
Hmm... do we require a cookie to be logged in or can it be done just by rewriting the session string on the links?

Reason I ask is because if we create a cookie and then check for that cookie, on POST, that is an easy way of stopping bots. I think most bots don't allow cookies to be saved.
Title: Re: BadBehavior
Post by: Joshua Dickerson on February 02, 2016, 04:09:01 am
I am thinking about writing some scrapers and "bots" to test people's strategies.
Title: Re: BadBehavior
Post by: Flavio93Zena on February 02, 2016, 09:51:42 pm
Hmm, you might actually want to update the core of that, it got updated as well and can surely save some work.
Title: Re: BadBehavior
Post by: Joshua Dickerson on February 02, 2016, 10:10:25 pm
Thanks. The only thing that I don't have that the download has is all of the extraneous plugin stuff. All of that will be stripped out and put in its own repo at some point after I get it working and get composer setup properly. At that point, it will be found in my repos as [joshuaadickerson/] BadBehavior-ElkArte, BadBehavior-Wordpress, BadBehavior-Mediawiki so plugins can be maintained on their own.
Title: Re: BadBehavior
Post by: Flavio93Zena on February 02, 2016, 10:27:24 pm
That's amazing stuff, nice!
Title: Re: BadBehavior
Post by: Joshua Dickerson on February 03, 2016, 03:53:41 pm
@radu81 I sent you a PM with my email. If you sent me the dump already it might have gone to SPAM. Let me know what email address you're sending from if so.
Title: Re: BadBehavior
Post by: radu81 on February 03, 2016, 04:26:30 pm
I replied yesterday, as soon as I got your email address. My email is radu*****com. Should I resend the email?
Title: Re: BadBehavior
Post by: Joshua Dickerson on February 03, 2016, 04:33:49 pm
I just sent you an email. If you get it, it might be easier to just reply to it so it gets passed the SPAM filters.
Title: Re: BadBehavior
Post by: radu81 on February 03, 2016, 04:37:17 pm
That's very strange, I did not receive it :( I sent you a PM
Title: Re: BadBehavior
Post by: Joshua Dickerson on February 03, 2016, 04:41:53 pm
Quote from: radu81 – That's very strange, I did not receive it :( I sent you a PM
Got it. Thanks.
Title: Re: BadBehavior
Post by: Joshua Dickerson on February 07, 2016, 04:12:05 pm
Looking at a couple of logs, it appears http:BL is very valuable. It stops a lot of spammers and scrapers.
Title: Re: BadBehavior
Post by: omBre on January 04, 2018, 06:08:32 am
could engine like this be integrated to this addon

http://kitploit.blogspot.mk/2015/01/sysmon-v20-system-activity-monitor-for.html
Title: Re: BadBehavior
Post by: Joshua Dickerson on January 04, 2018, 05:40:06 pm
Not related.
Title: Re: BadBehavior
Post by: omBre on January 04, 2018, 06:17:47 pm
Thanks Joshua I was curious whether I can have such overview of the code while on the server, just to have clue what is happening if there few system administrators
Title: Re: BadBehavior
Post by: omBre on January 06, 2018, 05:55:48 pm
to ask again, I'll need something like badbehavior log for any change of code by any of the present administrators on the server, is it possible BadBehavior to monitor all the engine changes and send allerts for any by email to the registered sys admins?

I have no clue even how BB works as I havent instaled yet ElkArte, but trying to figure out when I'll ask some friends to help about the coding or administration, how to monitor their changes as sys admins, who did what and when i.e. it would be awesome if there is email alert for any change on this level for those that are part of the sys crew ...

I am not sure what other third party app can be at hand for this, as I can grasp this should be some pipeline in this direction ... am I wrong?

https://nxlog.co/using-nxlog-elasticsearch-and-kibana
Title: Re: BadBehavior
Post by: ahrasis on January 06, 2018, 06:04:41 pm
Again, it is a default feature in ElkArte. And this topic is about rewriting it. Do open your own thread for your specific issues, if any @omBre.