[pLog-svn] r6192 - inplog/branches/lifetype-1.2/plugins/badbehavior: . bad-behavior
Paul Westbrook
paul at westbrooks.org
Fri Feb 29 03:04:38 EST 2008
Hello,
Sure. But I am wondering about something slightly different. I am
thinking about when more people have moved to 2.0. I assume that there will
be a period that 1.2 will still be a supported release, but most developers
will be working on 2.0.
If there is a new version of bad behavior, currently we need to do a new
release of LifeType, as the bad behavior plugin is not available separately.
I assume that at some point we will move the bad behavior plugin to the
plugin branch, to make it easier to release new versions of this plugin.
--Paul
On 2/28/08, Mark Wu <markplace at gmail.com> wrote:
>
> Hi Paul:
>
> I think it is okay. Bcasue I always merge the 1.2 branch to trunk in a
> certain period . These changes will apply to 2.0-dev very soon.
>
> Regards, Mark
>
> ------------------------------
> *From:* plog-svn-bounces at devel.lifetype.net [mailto:
> plog-svn-bounces at devel.lifetype.net] *On Behalf Of *Paul Westbrook
> *Sent:* Friday, February 29, 2008 2:57 PM
> *To:* LifeType Developer List
> *Subject:* Re: [pLog-svn] r6192 - inplog/branches/lifetype-1.2/plugins/badbehavior:
> . bad-behavior
>
> Hello,
> As development for LifeType 2.0 takes highe priority, will this plugin,
> or the LifeType 1.2 version of it, move back to the main plugin subversion
> branch? This would allow quick patches to the plugin to be done, with out
> having to spin a whole LifeType release.
>
> --Paul
>
> On 2/28/08, pwestbro at devel.lifetype.net <pwestbro at devel.lifetype.net>
> wrote:
> >
> > Author: pwestbro
> > Date: 2008-02-29 01:49:43 -0500 (Fri, 29 Feb 2008)
> > New Revision: 6192
> >
> > Modified:
> > plog/branches/lifetype-1.2
> > /plugins/badbehavior/bad-behavior/blacklist.inc.php
> > plog/branches/lifetype-1.2
> > /plugins/badbehavior/bad-behavior/msie.inc.php
> > plog/branches/lifetype-1.2
> > /plugins/badbehavior/bad-behavior/version.inc.php
> > plog/branches/lifetype-1.2
> > /plugins/badbehavior/bad-behavior/whitelist.inc.php
> > plog/branches/lifetype-1.2
> > /plugins/badbehavior/pluginbadbehavior.class.php
> > Log:
> > Checked in version 2.0.13 of bad behavior
> >
> >
> > Modified: plog/branches/lifetype-1.2
> > /plugins/badbehavior/bad-behavior/blacklist.inc.php
> > ===================================================================
> > --- plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/blacklist.inc.php
> > 2008-02-28 10:54:49 UTC (rev 6191)
> > +++ plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/blacklist.inc.php
> > 2008-02-29 06:49:43 UTC (rev 6192)
> > @@ -1,113 +1,113 @@
> > -<?php if (!defined('BB2_CORE')) die('I said no cheating!');
> > -
> > -function bb2_blacklist($package) {
> > -
> > - // Blacklisted user agents
> > - // These user agent strings occur at the beginning of the line.
> > - $bb2_spambots_0 = array(
> > - "<sc", // XSS exploit attempts
> > - "8484 Boston Project", // video poker/porn spam
> > - "adwords", // referrer spam
> > - "autoemailspider", // spam harvester
> > - "blogsearchbot-martin", // from honeypot
> > - "Digger", // spam harvester
> > - "ecollector", // spam harvester
> > - "EmailCollector", // spam harvester
> > - "Email Extractor", // spam harvester
> > - "Email Siphon", // spam harvester
> > - "EmailSiphon", // spam harvester
> > - "grub crawler", // misc comment/email spam
> > - "HttpProxy", // misc comment/email spam
> > - "Internet Explorer", // XMLRPC exploits seen
> > - "Jakarta Commons", // custommised spambots
> > - "Java 1.", // definitely a spammer
> > - "Java/1.", // definitely a spammer
> > - "libwww-perl", // spambot scripts
> > - "LWP", // spambot scripts
> > - "Microsoft URL", // spam harvester
> > - "Missigua", // spam harvester
> > - "MJ12bot", // crawls MUCH too fast
> > - "Movable Type", // customised spambots
> > - "Mozilla ", // malicious software
> > - "Mozilla/4.0(", // from honeypot
> > - "Mozilla/4.0+(", // suspicious harvester
> > - "MSIE", // malicious software
> > - "NutchCVS", // unidentified robots
> > - "Nutscrape/", // misc comment spam
> > - "OmniExplorer", // spam harvester
> > - "psycheclone", // spam harvester
> > - "PussyCat ", // misc comment spam
> > - "PycURL", // misc comment spam
> > - "Shockwave Flash", // spam harvester
> > - "TrackBack/", // trackback spam
> > - "user", // suspicious harvester
> > - "User Agent: ", // spam harvester
> > - "User-Agent: ", // spam harvester
> > - "Wordpress", // malicious software
> > - "\"", // malicious software
> > - );
> > -
> > - // These user agent strings occur anywhere within the line.
> > - $bb2_spambots = array(
> > - "\r", // A really dumb bot
> > - "; Widows ", // misc comment/email spam
> > - "a href=", // referrer spam
> > - "Bad Behavior Test", // Add this to your user-agent
> > to test BB
> > - "compatible ; MSIE", // misc comment/email spam
> > - "compatible-", // misc comment/email spam
> > - "DTS Agent", // misc comment/email spam
> > - "Gecko/25", // revisit this in 500 years
> > - "grub-client", // search engine ignores
> > robots.txt
> > - "hanzoweb", // very badly behaved crawler
> > - "Indy Library", // misc comment/email spam
> > - "larbin at unspecified", // stealth harvesters
> > - "Murzillo compatible", // comment spam bot
> > - ".NET CLR 1)", // free poker, etc.
> > - "POE-Component-Client", // free poker, etc.
> > - "Turing Machine", // www.anonymizer.com abuse
> > - "WebaltBot", // spam harvester
> > - "WISEbot", // spam harvester
> > - "WISEnutbot", // spam harvester
> > - "Windows NT 4.0;)", // wikispam bot
> > - "Windows NT 5.0;)", // wikispam bot
> > - "Windows NT 5.1;)", // wikispam bot
> > - "Windows XP 5", // spam harvester
> > - "\\\\)", // spam harvester
> > - );
> > -
> > - // These are regular expression matches.
> > - $bb2_spambots_regex = array(
> > - "/^[A-Z]{10}$/", // misc email spam
> > - "/^Mozilla...[05]$/i", // fake user agent/email spam
> > - "/[bcdfghjklmnpqrstvwxz ]{8,}/",
> > -// "/(;\){1,2}$/", // misc spammers/harvesters
> > -// "/MSIE.*Windows XP/", // misc comment spam
> > - );
> > -
> > - // Do not edit below this line.
> > -
> > - $ua = $package['headers_mixed']['User-Agent'];
> > -
> > - foreach ($bb2_spambots_0 as $spambot) {
> > - $pos = stripos($ua, $spambot);
> > - if ($pos !== FALSE && $pos == 0) {
> > - return "17f4e8c8";
> > - }
> > - }
> > -
> > - foreach ($bb2_spambots as $spambot) {
> > - if (stripos($ua, $spambot) !== FALSE) {
> > - return "17f4e8c8";
> > - }
> > - }
> > -
> > - foreach ($bb2_spambots_regex as $spambot) {
> > - if (preg_match($spambot, $ua)) {
> > - return "17f4e8c8";
> > - }
> > - }
> > -
> > - return FALSE;
> > -}
> > -
> > -?>
> > +<?php if (!defined('BB2_CORE')) die('I said no cheating!');
> > +
> > +function bb2_blacklist($package) {
> > +
> > + // Blacklisted user agents
> > + // These user agent strings occur at the beginning of the line.
> > + $bb2_spambots_0 = array(
> > + "<sc", // XSS exploit attempts
> > + "8484 Boston Project", // video poker/porn spam
> > + "adwords", // referrer spam
> > + "autoemailspider", // spam harvester
> > + "blogsearchbot-martin", // from honeypot
> > + "Digger", // spam harvester
> > + "ecollector", // spam harvester
> > + "EmailCollector", // spam harvester
> > + "Email Extractor", // spam harvester
> > + "Email Siphon", // spam harvester
> > + "EmailSiphon", // spam harvester
> > + "grub crawler", // misc comment/email spam
> > + "HttpProxy", // misc comment/email spam
> > + "Internet Explorer", // XMLRPC exploits seen
> > + "Jakarta Commons", // custommised spambots
> > + "Java 1.", // definitely a spammer
> > + "Java/1.", // definitely a spammer
> > + "libwww-perl", // spambot scripts
> > + "LWP", // spambot scripts
> > + "Microsoft URL", // spam harvester
> > + "Missigua", // spam harvester
> > + "MJ12bot", // crawls MUCH too fast
> > + "Movable Type", // customised spambots
> > + "Mozilla ", // malicious software
> > + "Mozilla/4.0(", // from honeypot
> > + "Mozilla/4.0+(", // suspicious harvester
> > + "MSIE", // malicious software
> > + "NutchCVS", // unidentified robots
> > + "Nutscrape/", // misc comment spam
> > + "OmniExplorer", // spam harvester
> > + "psycheclone", // spam harvester
> > + "PussyCat ", // misc comment spam
> > + "PycURL", // misc comment spam
> > + "Shockwave Flash", // spam harvester
> > + "TrackBack/", // trackback spam
> > + "user", // suspicious harvester
> > + "User Agent: ", // spam harvester
> > + "User-Agent: ", // spam harvester
> > + "Wordpress", // malicious software
> > + "\"", // malicious software
> > + );
> > +
> > + // These user agent strings occur anywhere within the line.
> > + $bb2_spambots = array(
> > + "\r", // A really dumb bot
> > + "; Widows ", // misc comment/email spam
> > + "a href=", // referrer spam
> > + "Bad Behavior Test", // Add this to your user-agent
> > to test BB
> > + "compatible ; MSIE", // misc comment/email spam
> > + "compatible-", // misc comment/email spam
> > + "DTS Agent", // misc comment/email spam
> > + "Gecko/25", // revisit this in 500 years
> > + "grub-client", // search engine ignores
> > robots.txt
> > + "hanzoweb", // very badly behaved crawler
> > + "Indy Library", // misc comment/email spam
> > + "larbin at unspecified", // stealth harvesters
> > + "Murzillo compatible", // comment spam bot
> > + ".NET CLR 1)", // free poker, etc.
> > + "POE-Component-Client", // free poker, etc.
> > + "Turing Machine", // www.anonymizer.com abuse
> > + "WebaltBot", // spam harvester
> > + "WISEbot", // spam harvester
> > + "WISEnutbot", // spam harvester
> > + "Windows NT 4.0;)", // wikispam bot
> > + "Windows NT 5.0;)", // wikispam bot
> > + "Windows NT 5.1;)", // wikispam bot
> > + "Windows XP 5", // spam harvester
> > + "\\\\)", // spam harvester
> > + );
> > +
> > + // These are regular expression matches.
> > + $bb2_spambots_regex = array(
> > + "/^[A-Z]{10}$/", // misc email spam
> > + "/^Mozilla...[05]$/i", // fake user agent/email spam
> > + "/[bcdfghjklmnpqrstvwxz ]{8,}/",
> > +// "/(;\){1,2}$/", // misc spammers/harvesters
> > +// "/MSIE.*Windows XP/", // misc comment spam
> > + );
> > +
> > + // Do not edit below this line.
> > +
> > + $ua = $package['headers_mixed']['User-Agent'];
> > +
> > + foreach ($bb2_spambots_0 as $spambot) {
> > + $pos = strpos($ua, $spambot);
> > + if ($pos !== FALSE && $pos == 0) {
> > + return "17f4e8c8";
> > + }
> > + }
> > +
> > + foreach ($bb2_spambots as $spambot) {
> > + if (strpos($ua, $spambot) !== FALSE) {
> > + return "17f4e8c8";
> > + }
> > + }
> > +
> > + foreach ($bb2_spambots_regex as $spambot) {
> > + if (preg_match($spambot, $ua)) {
> > + return "17f4e8c8";
> > + }
> > + }
> > +
> > + return FALSE;
> > +}
> > +
> > +?>
> >
> > Modified: plog/branches/lifetype-1.2
> > /plugins/badbehavior/bad-behavior/msie.inc.php
> > ===================================================================
> > --- plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/msie.inc.php 2008-02-28
> > 10:54:49 UTC (rev 6191)
> > +++ plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/msie.inc.php 2008-02-29
> > 06:49:43 UTC (rev 6192)
> > @@ -1,24 +1,25 @@
> > -<?php if (!defined('BB2_CORE')) die('I said no cheating!');
> > -
> > -// Analyze user agents claiming to be MSIE
> > -
> > -function bb2_msie($package)
> > -{
> > - if (!array_key_exists('Accept', $package['headers_mixed'])) {
> > - return "17566707";
> > - }
> > -
> > - // MSIE does NOT send "Windows ME" or "Windows XP" in the user
> > agent
> > - if (strpos($package['headers_mixed']['User-Agent'], "Windows
> > ME") !== FALSE || strpos($package['headers_mixed']['User-Agent'], "Windows
> > XP") !== FALSE || strpos($package['headers_mixed']['User-Agent'], "Windows
> > 2000") !== FALSE || strpos($package['headers_mixed']['User-Agent'], "Win32")
> > !== FALSE) {
> > - return "a1084bad";
> > - }
> > -
> > - // MSIE does NOT send Connection: TE
> > - if (preg_match('/\bTE\b/i',
> > $package['headers_mixed']['Connection'])) {
> > - return "2b90f772";
> > - }
> > -
> > - return false;
> > -}
> > -
> > -?>
> > +<?php if (!defined('BB2_CORE')) die('I said no cheating!');
> > +
> > +// Analyze user agents claiming to be MSIE
> > +
> > +function bb2_msie($package)
> > +{
> > + if (!array_key_exists('Accept', $package['headers_mixed'])) {
> > + return "17566707";
> > + }
> > +
> > + // MSIE does NOT send "Windows ME" or "Windows XP" in the user
> > agent
> > + if (strpos($package['headers_mixed']['User-Agent'], "Windows
> > ME") !== FALSE || strpos($package['headers_mixed']['User-Agent'], "Windows
> > XP") !== FALSE || strpos($package['headers_mixed']['User-Agent'], "Windows
> > 2000") !== FALSE || strpos($package['headers_mixed']['User-Agent'], "Win32")
> > !== FALSE) {
> > + return "a1084bad";
> > + }
> > +
> > + // MSIE does NOT send Connection: TE but Akamai does
> > + // Bypass this test when Akamai detected
> > + if (!array_key_exists('Akamai-Origin-Hop',
> > $package['headers_mixed']) && preg_match('/\bTE\b/i',
> > $package['headers_mixed']['Connection'])) {
> > + return "2b90f772";
> > + }
> > +
> > + return false;
> > +}
> > +
> > +?>
> >
> > Modified: plog/branches/lifetype-1.2
> > /plugins/badbehavior/bad-behavior/version.inc.php
> > ===================================================================
> > --- plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/version.inc.php
> > 2008-02-28 10:54:49 UTC (rev 6191)
> > +++ plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/version.inc.php
> > 2008-02-29 06:49:43 UTC (rev 6192)
> > @@ -1,3 +1,3 @@
> > -<?php if (!defined('BB2_CWD')) die("I said no cheating!");
> > -define('BB2_VERSION', "2.0.11");
> > -?>
> > +<?php if (!defined('BB2_CWD')) die("I said no cheating!");
> > +define('BB2_VERSION', "2.0.13");
> > +?>
> >
> > Modified: plog/branches/lifetype-1.2
> > /plugins/badbehavior/bad-behavior/whitelist.inc.php
> > ===================================================================
> > --- plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/whitelist.inc.php
> > 2008-02-28 10:54:49 UTC (rev 6191)
> > +++ plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/whitelist.inc.php
> > 2008-02-29 06:49:43 UTC (rev 6192)
> > @@ -1,56 +1,58 @@
> > -<?php if (!defined('BB2_CORE')) die('I said no cheating!');
> > -
> > -function bb2_whitelist($package)
> > -{
> > - // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
> > DANGER!
> > -
> > - // Inappropriate whitelisting WILL expose you to spam, or cause
> > Bad
> > - // Behavior to stop functioning entirely! DO NOT WHITELIST
> > unless you
> > - // are 100% CERTAIN that you should.
> > -
> > - // IP address ranges use the CIDR format.
> > -
> > - // Includes four examples of whitelisting by IP address and
> > netblock.
> > - $bb2_whitelist_ip_ranges = array(
> > - "10.0.0.0/8",
> > - "172.16.0.0/12",
> > - "192.168.0.0/16",
> > -// "127.0.0.1",
> > - );
> > -
> > - // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
> > DANGER!
> > -
> > - // Inappropriate whitelisting WILL expose you to spam, or cause
> > Bad
> > - // Behavior to stop functioning entirely! DO NOT WHITELIST
> > unless you
> > - // are 100% CERTAIN that you should.
> > -
> > - // You should not whitelist search engines by user agent. Use
> > the IP
> > - // netblock for the search engine instead. See
> > http://whois.arin.net/
> > - // to locate the netblocks for an IP.
> > -
> > - // User agents are matched by exact match only.
> > -
> > - // Includes one example of whitelisting by user agent.
> > - // All are commented out.
> > - $bb2_whitelist_user_agents = array(
> > - // "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
> > It's me, let me in",
> > - );
> > -
> > - // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
> > DANGER!
> > -
> > - // Do not edit below this line
> > -
> > - if (!empty($bb2_whitelist_ip_ranges)) {
> > - foreach ($bb2_whitelist_ip_ranges as $range) {
> > - if (match_cidr($package['ip'], $range)) return
> > true;
> > - }
> > - }
> > - if (!empty($bb2_whitelist_user_agents)) {
> > - foreach ($bb2_whitelist_user_agents as $user_agent) {
> > - if
> > (!strcmp($package['headers_mixed']['User-Agent'], $user_agent)) return true;
> > - }
> > - }
> > - return false;
> > -}
> > -
> > -?>
> > +<?php if (!defined('BB2_CORE')) die('I said no cheating!');
> > +
> > +function bb2_whitelist($package)
> > +{
> > + // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
> > DANGER!
> > +
> > + // Inappropriate whitelisting WILL expose you to spam, or cause
> > Bad
> > + // Behavior to stop functioning entirely! DO NOT WHITELIST
> > unless you
> > + // are 100% CERTAIN that you should.
> > +
> > + // IP address ranges use the CIDR format.
> > +
> > + // Includes four examples of whitelisting by IP address and
> > netblock.
> > + $bb2_whitelist_ip_ranges = array(
> > + "64.191.203.34/32", // Digg whitelisted as of 2.0.12
> > + "208.67.217.130/32", // Digg whitelisted as of 2.0.12
> > + "10.0.0.0/8",
> > + "172.16.0.0/12",
> > + "192.168.0.0/16",
> > +// "127.0.0.1",
> > + );
> > +
> > + // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
> > DANGER!
> > +
> > + // Inappropriate whitelisting WILL expose you to spam, or cause
> > Bad
> > + // Behavior to stop functioning entirely! DO NOT WHITELIST
> > unless you
> > + // are 100% CERTAIN that you should.
> > +
> > + // You should not whitelist search engines by user agent. Use
> > the IP
> > + // netblock for the search engine instead. See
> > http://whois.arin.net/
> > + // to locate the netblocks for an IP.
> > +
> > + // User agents are matched by exact match only.
> > +
> > + // Includes one example of whitelisting by user agent.
> > + // All are commented out.
> > + $bb2_whitelist_user_agents = array(
> > + // "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
> > It's me, let me in",
> > + );
> > +
> > + // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
> > DANGER!
> > +
> > + // Do not edit below this line
> > +
> > + if (!empty($bb2_whitelist_ip_ranges)) {
> > + foreach ($bb2_whitelist_ip_ranges as $range) {
> > + if (match_cidr($package['ip'], $range)) return
> > true;
> > + }
> > + }
> > + if (!empty($bb2_whitelist_user_agents)) {
> > + foreach ($bb2_whitelist_user_agents as $user_agent) {
> > + if
> > (!strcmp($package['headers_mixed']['User-Agent'], $user_agent)) return true;
> > + }
> > + }
> > + return false;
> > +}
> > +
> > +?>
> >
> > Modified: plog/branches/lifetype-1.2
> > /plugins/badbehavior/pluginbadbehavior.class.php
> > ===================================================================
> > --- plog/branches/lifetype-1.2/plugins/badbehavior/pluginbadbehavior.class.php 2008-02-28
> > 10:54:49 UTC (rev 6191)
> > +++ plog/branches/lifetype-1.2/plugins/badbehavior/pluginbadbehavior.class.php 2008-02-29
> > 06:49:43 UTC (rev 6192)
> > @@ -20,7 +20,7 @@
> > $this->desc = "Bad Behavior for LifeType";
> > $this->author = "The Lifetype Project";
> > $this->db =& Db::getDb();
> > - $this->version = "20071205";
> > + $this->version = "20080228";
> >
> > $config =& Config::getConfig();
> > $prefix = Db::getPrefix();
> >
> > _______________________________________________
> > pLog-svn mailing list
> > pLog-svn at devel.lifetype.net
> > http://limedaley.com/mailman/listinfo/plog-svn
> >
>
>
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://limedaley.com/mailman/listinfo/plog-svn
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://limedaley.com/pipermail/plog-svn/attachments/20080229/dca387ba/attachment-0001.htm
More information about the pLog-svn
mailing list