Educause Security Discussion mailing list archives

Re: Admissions application bot activity


From: Mac McGaughy <jmcgaug1 () UNCC EDU>
Date: Fri, 18 Sep 2020 18:01:07 -0400

More than likely this could be caused by some type of HTTP POST
mishandling. This link talks about how to harden POST against unauthorized
access. It talks about WordPress but it would work for other types of
frameworks.

https://perishablepress.com/protect-post-requests/


Mac McGaughy
CISO, UNC Charlotte



On Fri, Sep 18, 2020 at 5:46 PM Czarapata, Paul (KCTCS) <paul.czarapata () kctcs edu> wrote:

Dear colleagues,

Sorry for the cross-post, but we have a bit of a situation here at KCTCS.
We have been getting tens of thousands of fake admissions applications over
the past 6 weeks. We have reCAPTCHA implemented and they are still
getting through, but at such a pace there is no way a human can be doing it.
The network team is watching the IP addresses and blocking, but then they
just pop up from somewhere else. Our student team is working on a pin code
process, but that's not ready yet. We don't have an admissions application
fee either, or that would likely stop them. I was just curious if anyone
else had seen this happening and if you have stopped it, what you did?

Thank you in advance - PC

______________________________________________________________________

*Paul Czarapata, Ed.D.*
Vice President/Chief Information Officer
Kentucky Community & Technical College System
300 North Main Street
Versailles, KY 40383
O: 859/256-3248

Your success equals our success.

<https://twitter.com/pczarapata>  <https://linkedin.com/in/pczarapata>
<https://www.facebook.com/KCTCS>

*Training and Learning Center* <http://kctcs.edu/tlc> | *Technology
Solutions Help Desk* <http://ithelpdesk.kctcs.edu/> | *Technology
Communications Center* <http://kctcs.edu/tcc>

**********


Replies to EDUCAUSE Community Group emails are sent to the entire
community list. If you want to reply only to the person who sent the
message, copy and paste their email address and forward the email reply.
Additional participation and subscription information can be found at
https://www.educause.edu/community



--
------------------------------------------------------------
Jessie McGaughy | CISSP-ISSAP, CISSP, CCSP, PMP, C|EH, ITIL
Chief Information Security Officer
UNC Charlotte | Office of OneIT
9201 University City Blvd | Charlotte, NC 28223
jmcgaug1 () uncc edu | Phone: 704-687-8548
oneit.uncc.edu
------------------------------------------------------------
