So, if you run a list that allows entry via a Web form, how can you cut down on such problems? There are no sure-fire solutions, but an increasing number of lists are turning to CAPTCHAs, a tortured acronym standing for Completely Automated Public Turing test to tell Computers and Humans Apart. They are those little puzzles that let a human prove that he or she is indeed a human. So, when your user wants to enter data to be sent to your list, they first have to type in some text that has been obscured in an image. This tests the pattern-recognition abilities of humans, which most automated Web crawlers don't have. To use a CAPTCHA associated with the input, you'll have to install CAPTCHA software on your Web site. There are several free CAPTCHA programs available for various Web servers, as described here: http://freshmeat.net/search/?q=captcha. The free phpBB suite also includes a CAPTCHA routine you could use if you are relying on PHP generally and phpBB in particular.
Unfortunately, the bad guys can create automated software to break and bypass the CAPTCHA. Or, at a minimum, some can simply employ low-cost human form-fillers to surf the net, fill in CAPTCHA forms, and then paste in ads. Don't laugh... some aggressive advertisers do just that.
Another option, which may or may not meet your needs, is to create a whitelist of allowed users who can authenticate and then post to your list. Such moves are draconian and require administrative overhead, but they do significantly cut down on the problem of clutter.
For more information:
Dig Deeper on Email and Messaging Threats-Information Security Threats
Related Q&A from Ed Skoudis
Learn how social networking sites compound the insider threat risk, and explore how to mitigate the threat with policy, training and technology. Continue Reading
At Black Hat 2006, researcher Joanna Rutkowska unveiled a piece of machine-based malware called the Blue Pill. But is it a serious threat to your ... Continue Reading
Wi-Fi on airplanes seems like it will be unavoidable in the future, but what security risks does it pose? In this security threats expert response, ... Continue Reading