Note: You are viewing the Moodle 1.9 documentation. The documentation for the latest Moodle version can be found here: Background information on spam in Moodle.

Background information on spam in Moodle: Difference between revisions

No edit summary
Zeile 2: Zeile 2:
{{Stephan}}
{{Stephan}}


==Porn spammers==
==Porno Spammer==


Porn spammers are people who desire to drive internet traffic (in this case users looking for porn on internet search engines) towards their own sites, either to sell porn or to trick the users into downloading viruses onto their computer. ([http://seo.mhvt.net/blog/?p=549 More information])
Porno Spammer sind Individuen, die versuchen Internetnutzer auf Ihre Seiten zu lenken, entweder um dort Pornografisches Material zu verkaufen oder um Nutzer betrügerisch dazu zu bringen, Viren auf Ihren Rechner herunterzuladen [http://seo.mhvt.net/blog/?p=549 Weitere Informationen])


The best way for spammers to achieve this result is to improve the rankings for their pages in search engines (so their links come up on top) through "search engine optimisation", and the best way to do this is to get lots of named links on many different pages around the web all pointing to their sites (the search engines automatically use this information to determine what is "important"). As a result spammers are constantly looking for places where they can place links, and you'll find such spam everywhere on blogs, social networking sites, email, and so on. ([http://seo.mhvt.net/blog/?cat=14 More information])
Die best Art und Weise um dies zu erreichen ist es, durch Suchmaschinenoptimierung den Suchmaschinen-Rang für ihre Seiten zu verbessern (so dass ihre Links weit oben in den Suchergebnissen stehen). Die effektivste Methode dafür ist es, möglichst viele Links auf möglichst viele verschiedene Seiten im Internet zu verbreiten, die alle auf Ihre Webseiten verweisen (Suchmaschinen verwenden die Anzahl von Verlinkungen, um zu entscheiden, was "wichtig" ist). Als Konsequenz sind Spammer dauernd auf der Suche nach Seiten, auf denen Sie Links platzieren können. Deshalb findet man Spam überall auf blogs, in sozialen Netzwerken, Email, usw. ([http://seo.mhvt.net/blog/?cat=14 Weitere Informationen])


Spammers are often fairly sophisticated in their use of technology and often use programs ("spambots") to search the web looking for such places and placing spam content there automatically. ([http://en.wikipedia.org/wiki/Spambots#Forum_spambots More information])
Spammer sind oft sehr geschickt im Umgang mit neuen Technologien und verwenden häufig Programme (sogenannte Spambots), die das Internet durchsuchen, mit dem Ziel solche Webseiten aufzutun und dort Spam zu platzieren.([http://en.wikipedia.org/wiki/Spambots#Forum_spambots Weitere Informationen])


==Moodle as a target==
==Moodle as a target==
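
Review bot: the new German line for the first paragraph drops the opening parenthesis before the link, so "[http://seo.mhvt.net/blog/?p=549 Weitere Informationen])" ends with an unmatched ")"; restore the "(" and add the missing full stop after "herunterzuladen". In the second paragraph "Die best Art und Weise" should read "Die beste Art und Weise", and "Ihre Seiten", "Ihre Webseiten" and "auf denen Sie Links platzieren" use the capitalised formal address where the spammers' own "ihre"/"sie" is meant, which changes who the sentence refers to. The third paragraph needs a space before "([http://en.wikipedia.org/...", and the "==Moodle as a target==" heading is carried over untranslated on the new side.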

Revision as of 1 November 2009, 16:48

This page has not yet been fully translated.

This page is currently being translated by Stephan Rinke. For suggested changes, please go directly to the discussion page.

Porn spammers

Porn spammers are individuals who try to steer internet users to their sites, either to sell pornographic material there or to trick users into downloading viruses onto their computers. (More information)

The best way to achieve this is to improve the search engine ranking of their pages through search engine optimisation (so that their links appear near the top of the search results). The most effective method for doing so is to spread as many links as possible across as many different pages on the internet as possible, all pointing to their websites (search engines use the number of links to decide what is "important"). As a consequence, spammers are constantly looking for pages where they can place links. That is why spam turns up everywhere: on blogs, in social networks, in email, and so on. (More information)

Spammers are often very adept with new technologies and frequently use programs (so-called spambots) that search the internet with the aim of finding such websites and placing spam there. (More information)

Moodle as a target

Moodle is our free open source software that many people download and use to build their interactive education sites. There are around 50,000 active sites that we know about, and many more that we don't know about (registration is voluntary).

In cases that have been publicised recently, spammers have discovered that some Moodle sites were configured so that anyone could place search-engine-visible content on a page within that site, so the spammers took advantage of that. The spammers don't care (and may not even know) that these were school web sites. Remember that their target is not the people on the site; it is people searching for porn in search engines. (More info on spamdexing)

Because the spammers are inserting their content into the "user profile" pages of Moodle sites, this particular attack is known as profile spam.

Moodle configuration

Not all Moodle sites are vulnerable this way.

The difference lies in the configuration of the software, which is ultimately the responsibility of the person who administers that particular installation of Moodle. Moodle has many different configuration settings which allow it to be customised for different institutional needs.

There are two Moodle settings that, when combined, allow the common form of profile spam:

  1. email authentication, which allows anyone to create a user profile on the site (including a text field to describe themselves), and
  2. forceloginforprofiles, which can allow access to these profiles to the outside world (i.e. search engines).

This allows spammers to create an account on the site and put their content in the user description field, then get search engines to index the resulting page.

Unfortunately these were the default settings in very old versions of Moodle (before the spam problem was known) and many administrators did not know enough about the issue to change these settings, so there are still quite a few vulnerable sites out there.
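
As an added example (not part of the original page and not Moodle's own code), the sketch below checks a site's configuration for the combination described above and lists accounts that fit the profile-spam pattern: a link in the description and no course enrolment. The `auth` and `registerauth` key names, the export format and all sample data are assumptions made for illustration.

```python
import re

# Constructed sample: name -> value pairs as an admin might export them from
# the site's configuration. "forceloginforprofiles" is the setting named on
# this page; the "auth" and "registerauth" key names are assumptions.
SAMPLE_CONFIG = {"auth": "email,ldap", "registerauth": "email",
                 "forceloginforprofiles": "0"}

# Constructed sample accounts: (username, description, enrolled course count)
SAMPLE_USERS = [
    ("teacher1", "I teach year 9 maths.", 3),
    ("jsmith", "My school blog: http://blog.example.org/", 2),
    ("x9k2", '<a href="http://spam.example/">cheap pills</a>', 0),
    ("newbie", "", 0),
]

LINK_RE = re.compile(r"https?://|<a\s", re.IGNORECASE)


def open_signup(config):
    """True if anyone can create an account via email authentication."""
    enabled = {p.strip() for p in config.get("auth", "").split(",")}
    return "email" in enabled or config.get("registerauth") == "email"


def public_profiles(config):
    """True if profiles can be read without logging in (missing = exposed)."""
    return config.get("forceloginforprofiles", "0") != "1"


def profile_spam_exposed(config):
    """The risky combination: open signup AND publicly readable profiles."""
    return open_signup(config) and public_profiles(config)


def suspect_profiles(users):
    """Accounts whose description carries a link but that never enrolled."""
    return [name for name, desc, courses in users
            if courses == 0 and LINK_RE.search(desc or "")]


if __name__ == "__main__":
    print("exposed:", profile_spam_exposed(SAMPLE_CONFIG))
    print("review:", suspect_profiles(SAMPLE_USERS))
```

The profile list is a triage aid for an administrator to review by hand, since legitimate new users can also have a link and no enrolments yet.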

How we have been addressing it

We changed the default for forceloginforprofiles in all versions after Moodle 1.7.2 (30th March 2007, MDL-8385), and the default for email authentication in Moodle 1.8.6 and later 1.8 versions and in Moodle 1.9.2 and later (11 July 2008, MDL-15544). Since then we have also added a lot more warnings into Moodle for various settings to educate administrators better about the risks.

For over a year we have been quietly sending out alerts and warnings to those administrators of old sites that we know about, asking them either to change the settings or to upgrade to a more recent version (so they get warnings that way), but of course we can't force them. Unfortunately there are still many old sites around where those settings have not been fixed or upgraded in several years, and these are the ones that spammers are attacking.

We have recently stepped up our efforts with more public front-page announcements (see Moodle news) and a forum for Security and Privacy. Articles in the press also help if they recommend that Moodle administrators visit http://moodle.org/security for full information.

We have also stepped up our campaign to search for the administrators of many affected sites and contact them directly, even though this sometimes takes a lot of research.

How you can help

If you would like to help alert administrators of old and insecure Moodle sites you can try searching Google for typical sex keywords and add "moodle" to them. Once you find a site, try and remove things off the URL until you get to the home page, and look for some way to contact the administrator. If that fails, try using http://www.whois.net/ to research the owner of the domain and notify them.

Don't panic

Finally, remember that the porn content is generally not visible to other users of the affected Moodle sites.

The spammers don't (and usually can't) enrol in courses and their "user profiles" are not exposed to students, teachers or even admins on those sites. You generally will only find those pages if you are actually searching for porn on the web. This is why so many site administrators have not been aware their sites are affected.

The fixes are easy: see Reducing spam in Moodle for full information.

See en:Why porn spam has been appearing in Moodle sites