Welcome to the new NQAT Forum

Manchester United chat
User avatar
swampash
Legend
Posts: 3065
Joined: 10 years ago

FuB wrote: 1 month ago
dozer wrote: 1 month ago
Anyway all of this is just a casual question, I'm just curious.
I'll try and explain.

In order for search engines like Google, etc. to make an index of the web in general, they need to have an automated process that "crawls" through the whole of the web trying to check each page. These processes are normally referred to as "spiders" or "webcrawlers". It's all got a little muddy more recently because they are also correctly referred to as "bots" because, well, they're just an automated process that has some direction to it.

I'm not entirely certain what Facebook is up to but nearly all of these guest logins at the moment are coming from Facebook's servers. I think they are verifying links to this forum that have been posted on Facebook somewhere or other. In any case they are benign and i'm not bothered about them at all - I'm able to check that they really are coming from Facebook's servers by the way. I don't really understand why they need to consume so many active guest "logins" (quotes because they're not, by definition, logins) since most webcrawlers need only one. phpBB has special default guest accounts for most of the major search engines and, indeed, the "Google [Bot]" is currently having a browse of the forum and does so very regularly.

Sometimes, we see a sudden swathe of guest "logins" from countries like China. I've seen this quite regularly and I've also seen this in my real-world job looking after various network systems. They do seem to like to probe networks and it's hard not to suspect nefarious purposes. We'll also occasionally see some connections from people elsewhere who are probably having a go at hacking something or other - whatever they can find. It's a jungle out there and, if you looked at firewall logs as much as i end up doing, you'd maybe be quite horrified.

As for the difference between an active user login and a guest login, you've noted that it'll say something like: "In total there are x users online" and then break it down into "registered", "hidden" and "guests". "Registered" are real users who have a login and password. As you know, you can set yourself as "hidden" in your user control panel and therefore the "hidden" count is the subset of the registered users who are set as hidden. Anything else is counted as a "guest", i.e. if you stumble across the site and browse it without having a proper login, you're a guest. Webcrawlers count as "guests" because they don't have a username and password and they are not logged in at any point.

I hope that clears it up for you.
^:)^
Glad you're on our team Fuß!
User avatar
dozer
Legend
Posts: 4096
Joined: 11 years ago

FuB wrote: 1 month ago
dozer wrote: 1 month ago
Anyway all of this is just a casual question, I'm just curious.
I'll try and explain.

In order for search engines like Google, etc. to make an index of the web in general, they need to have an automated process that "crawls" through the whole of the web trying to check each page. These processes are normally referred to as "spiders" or "webcrawlers". It's all got a little muddy more recently because they are also correctly referred to as "bots" because, well, they're just an automated process that has some direction to it.

I'm not entirely certain what Facebook is up to but nearly all of these guest logins at the moment are coming from Facebook's servers. I think they are verifying links to this forum that have been posted on Facebook somewhere or other. In any case they are benign and i'm not bothered about them at all - I'm able to check that they really are coming from Facebook's servers by the way. I don't really understand why they need to consume so many active guest "logins" (quotes because they're not, by definition, logins) since most webcrawlers need only one. phpBB has special default guest accounts for most of the major search engines and, indeed, the "Google [Bot]" is currently having a browse of the forum and does so very regularly.

Sometimes, we see a sudden swathe of guest "logins" from countries like China. I've seen this quite regularly and I've also seen this in my real-world job looking after various network systems. They do seem to like to probe networks and it's hard not to suspect nefarious purposes. We'll also occasionally see some connections from people elsewhere who are probably having a go at hacking something or other - whatever they can find. It's a jungle out there and, if you looked at firewall logs as much as i end up doing, you'd maybe be quite horrified.

As for the difference between an active user login and a guest login, you've noted that it'll say something like: "In total there are x users online" and then break it down into "registered", "hidden" and "guests". "Registered" are real users who have a login and password. As you know, you can set yourself as "hidden" in your user control panel and therefore the "hidden" count is the subset of the registered users who are set as hidden. Anything else is counted as a "guest", i.e. if you stumble across the site and browse it without having a proper login, you're a guest. Webcrawlers count as "guests" because they don't have a username and password and they are not logged in at any point.

I hope that clears it up for you.
Thanks fubs
User avatar
Felwin
Legend
Posts: 1580
Joined: 10 years ago
Location: Abroad

FuB wrote: 1 month ago
dozer wrote: 1 month ago
Anyway all of this is just a casual question, I'm just curious.
I'll try and explain.

In order for search engines like Google, etc. to make an index of the web in general, they need to have an automated process that "crawls" through the whole of the web trying to check each page. These processes are normally referred to as "spiders" or "webcrawlers". It's all got a little muddy more recently because they are also correctly referred to as "bots" because, well, they're just an automated process that has some direction to it.

I'm not entirely certain what Facebook is up to but nearly all of these guest logins at the moment are coming from Facebook's servers. I think they are verifying links to this forum that have been posted on Facebook somewhere or other. In any case they are benign and i'm not bothered about them at all - I'm able to check that they really are coming from Facebook's servers by the way. I don't really understand why they need to consume so many active guest "logins" (quotes because they're not, by definition, logins) since most webcrawlers need only one. phpBB has special default guest accounts for most of the major search engines and, indeed, the "Google [Bot]" is currently having a browse of the forum and does so very regularly.

Sometimes, we see a sudden swathe of guest "logins" from countries like China. I've seen this quite regularly and I've also seen this in my real-world job looking after various network systems. They do seem to like to probe networks and it's hard not to suspect nefarious purposes. We'll also occasionally see some connections from people elsewhere who are probably having a go at hacking something or other - whatever they can find. It's a jungle out there and, if you looked at firewall logs as much as i end up doing, you'd maybe be quite horrified.

As for the difference between an active user login and a guest login, you've noted that it'll say something like: "In total there are x users online" and then break it down into "registered", "hidden" and "guests". "Registered" are real users who have a login and password. As you know, you can set yourself as "hidden" in your user control panel and therefore the "hidden" count is the subset of the registered users who are set as hidden. Anything else is counted as a "guest", i.e. if you stumble across the site and browse it without having a proper login, you're a guest. Webcrawlers count as "guests" because they don't have a username and password and they are not logged in at any point.

I hope that clears it up for you.
Cheers for this breakdown. Turns out we work in similar areas. I've spent many an afternoon trawling firewall logs and you're right, it makes you realise that it's a jungle out there. You learn to ignore most of the probing you get because that's why you buy and maintain a firewall.

It's almost a cliche that the hackers come from "out east" but in my experience, 90% of that activity is from Russia and China. Like you say, they're just testing the water. Any target in the west is a good target. Not that you can in any way prove the IP's are government adjacent but, well, we cynics have our suspicions. Here in Germany I've spoke to many colleagues that work in network infrastructure that are all but convinced that Russia is probing the power grid here constantly. Probably in order to set up a similar attack to the one in Ukraine that took out their power a few years back.
Fuck the Glazers
Legend
Posts: 10277
Joined: 11 years ago

Felwin wrote: 1 month ago
FuB wrote: 1 month ago
dozer wrote: 1 month ago
Anyway all of this is just a casual question, I'm just curious.
I'll try and explain.

In order for search engines like Google, etc. to make an index of the web in general, they need to have an automated process that "crawls" through the whole of the web trying to check each page. These processes are normally referred to as "spiders" or "webcrawlers". It's all got a little muddy more recently because they are also correctly referred to as "bots" because, well, they're just an automated process that has some direction to it.

I'm not entirely certain what Facebook is up to but nearly all of these guest logins at the moment are coming from Facebook's servers. I think they are verifying links to this forum that have been posted on Facebook somewhere or other. In any case they are benign and i'm not bothered about them at all - I'm able to check that they really are coming from Facebook's servers by the way. I don't really understand why they need to consume so many active guest "logins" (quotes because they're not, by definition, logins) since most webcrawlers need only one. phpBB has special default guest accounts for most of the major search engines and, indeed, the "Google [Bot]" is currently having a browse of the forum and does so very regularly.

Sometimes, we see a sudden swathe of guest "logins" from countries like China. I've seen this quite regularly and I've also seen this in my real-world job looking after various network systems. They do seem to like to probe networks and it's hard not to suspect nefarious purposes. We'll also occasionally see some connections from people elsewhere who are probably having a go at hacking something or other - whatever they can find. It's a jungle out there and, if you looked at firewall logs as much as i end up doing, you'd maybe be quite horrified.

As for the difference between an active user login and a guest login, you've noted that it'll say something like: "In total there are x users online" and then break it down into "registered", "hidden" and "guests". "Registered" are real users who have a login and password. As you know, you can set yourself as "hidden" in your user control panel and therefore the "hidden" count is the subset of the registered users who are set as hidden. Anything else is counted as a "guest", i.e. if you stumble across the site and browse it without having a proper login, you're a guest. Webcrawlers count as "guests" because they don't have a username and password and they are not logged in at any point.

I hope that clears it up for you.
Cheers for this breakdown. Turns out we work in similar areas. I've spent many an afternoon trawling firewall logs and you're right, it makes you realise that it's a jungle out there. You learn to ignore most of the probing you get because that's why you buy and maintain a firewall.

It's almost a cliche that the hackers come from "out east" but in my experience, 90% of that activity is from Russia and China. Like you say, they're just testing the water. Any target in the west is a good target. Not that you can in any way prove the IP's are government adjacent but, well, we cynics have our suspicions. Here in Germany I've spoke to many colleagues that work in network infrastructure that are all but convinced that Russia is probing the power grid here constantly. Probably in order to set up a similar attack to the one in Ukraine that took out their power a few years back.
Pretty worrying that.

I wouldn't be surprised if Britain was doing similar to other countries, mind
User avatar
FuB
Site Admin
Posts: 2267
Joined: 8 years ago

Fuck the Glazers wrote: 1 month ago
Felwin wrote: 1 month ago
FuB wrote: 1 month ago
dozer wrote: 1 month ago
Anyway all of this is just a casual question, I'm just curious.
I'll try and explain.

In order for search engines like Google, etc. to make an index of the web in general, they need to have an automated process that "crawls" through the whole of the web trying to check each page. These processes are normally referred to as "spiders" or "webcrawlers". It's all got a little muddy more recently because they are also correctly referred to as "bots" because, well, they're just an automated process that has some direction to it.

I'm not entirely certain what Facebook is up to but nearly all of these guest logins at the moment are coming from Facebook's servers. I think they are verifying links to this forum that have been posted on Facebook somewhere or other. In any case they are benign and i'm not bothered about them at all - I'm able to check that they really are coming from Facebook's servers by the way. I don't really understand why they need to consume so many active guest "logins" (quotes because they're not, by definition, logins) since most webcrawlers need only one. phpBB has special default guest accounts for most of the major search engines and, indeed, the "Google [Bot]" is currently having a browse of the forum and does so very regularly.

Sometimes, we see a sudden swathe of guest "logins" from countries like China. I've seen this quite regularly and I've also seen this in my real-world job looking after various network systems. They do seem to like to probe networks and it's hard not to suspect nefarious purposes. We'll also occasionally see some connections from people elsewhere who are probably having a go at hacking something or other - whatever they can find. It's a jungle out there and, if you looked at firewall logs as much as i end up doing, you'd maybe be quite horrified.

As for the difference between an active user login and a guest login, you've noted that it'll say something like: "In total there are x users online" and then break it down into "registered", "hidden" and "guests". "Registered" are real users who have a login and password. As you know, you can set yourself as "hidden" in your user control panel and therefore the "hidden" count is the subset of the registered users who are set as hidden. Anything else is counted as a "guest", i.e. if you stumble across the site and browse it without having a proper login, you're a guest. Webcrawlers count as "guests" because they don't have a username and password and they are not logged in at any point.

I hope that clears it up for you.
Cheers for this breakdown. Turns out we work in similar areas. I've spent many an afternoon trawling firewall logs and you're right, it makes you realise that it's a jungle out there. You learn to ignore most of the probing you get because that's why you buy and maintain a firewall.

It's almost a cliche that the hackers come from "out east" but in my experience, 90% of that activity is from Russia and China. Like you say, they're just testing the water. Any target in the west is a good target. Not that you can in any way prove the IP's are government adjacent but, well, we cynics have our suspicions. Here in Germany I've spoke to many colleagues that work in network infrastructure that are all but convinced that Russia is probing the power grid here constantly. Probably in order to set up a similar attack to the one in Ukraine that took out their power a few years back.
Pretty worrying that.

I wouldn't be surprised if Britain was doing similar to other countries, mind
You can count on it, Sid and it really is just constant background probing to the effect that you tend to just ignore it... which is, of course, one of the reasons big breaches happen. You can easily get desensitised to the extent that you miss what you shouldn't.

In terms of the forum, there's little I can do either way as I'm not in control of the actual systems that host the forum. It's the forum itself that provides a "who is online" and it's not particularly real-time so i suspect a lot of these multiple users are just very fast multiple we request connections that are not persistent.
NQAT's official artificial intelligence
User avatar
brianofnazarethffs
Legend
Posts: 1063
Joined: 11 years ago

This forum: The greatest.

Fuck is too common of a word 😂😂
Attachments
IMG_4412.jpeg
Life is what happens to you while you're busy making other plans...


NQAT's official saviour, International Lovemaker to the Stars and prince of cunts
User avatar
FuB
Site Admin
Posts: 2267
Joined: 8 years ago

brianofnazarethffs wrote: 3 weeks ago This forum: The greatest.

Fuck is too common of a word 😂😂
If that doesn't fill everyone with pride then they can fuck off
NQAT's official artificial intelligence
User avatar
brianofnazarethffs
Legend
Posts: 1063
Joined: 11 years ago

FuB wrote: 3 weeks ago
brianofnazarethffs wrote: 3 weeks ago This forum: The greatest.

Fuck is too common of a word 😂😂
If that doesn't fill everyone with pride then they can fuck off
It makes my near 20 year association with this forum worthwhile.
Life is what happens to you while you're busy making other plans...


NQAT's official saviour, International Lovemaker to the Stars and prince of cunts
User avatar
swampash
Legend
Posts: 3065
Joined: 10 years ago

60 guests on line at the moment.
Are they still all just bots?
User avatar
swampash
Legend
Posts: 3065
Joined: 10 years ago

As soon as I posted that it dropped to just 1...
Post Reply