[pLog-svn] r6192 -inplog/branches/lifetype-1.2/plugins/badbehavior: . bad-behavior
Jon Daley
plogworld at jon.limedaley.com
Fri Feb 29 08:30:02 EST 2008
Couldn't you run the regular plugin release script for releases
that you really want to release outside of a lifetype branch? For this
particular check-in, was it an important change?
On Fri, 29 Feb 2008, Mark Wu wrote:
> Hi Paul:
>
> I remember we did this before, the plugins and core are seperate in
> different repository directories.
>
> The resaon we move the bad behavior to the core is becasue we want it as
> part of core ... and deliver it with lifetype official release.
>
> If there are an urgent patch or upgrade of bad behavior, I think we can
> release a lifetype hotfix for it.
>
> How do you think?
>
> Mark
>
>
> _____
>
> From: plog-svn-bounces at devel.lifetype.net
> [mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of Paul Westbrook
> Sent: Friday, February 29, 2008 4:05 PM
> To: LifeType Developer List
> Subject: Re: [pLog-svn] r6192
> -inplog/branches/lifetype-1.2/plugins/badbehavior: . bad-behavior
>
>
> Hello,
> Sure. But I am wondering about something slightly different. I am
> thinking about when more people have moved to 2.0. I assume that there will
> be a period that 1.2 will still be a supported release, but most developers
> will be working on 2.0.
>
> If there is a new version of bad behavior, currently we need to do a new
> release of LifeType, as the bad behavior plugin is not available separately.
>
> I assume that at some point we will move the bad behavior plugin to the
> plugin branch, to make it easier to release new versions of this plugin.
>
> --Paul
>
>
> On 2/28/08, Mark Wu <markplace at gmail.com> wrote:
>
> Hi Paul:
>
> I think it is okay. Bcasue I always merge the 1.2 branch to trunk in a
> certain period . These changes will apply to 2.0-dev very soon.
>
> Regards, Mark
>
>
> _____
>
> From: plog-svn-bounces at devel.lifetype.net
> [mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of Paul Westbrook
> Sent: Friday, February 29, 2008 2:57 PM
> To: LifeType Developer List
> Subject: Re: [pLog-svn] r6192 -
> inplog/branches/lifetype-1.2/plugins/badbehavior: . bad-behavior
>
>
>
> Hello,
> As development for LifeType 2.0 takes highe priority, will this plugin,
> or the LifeType 1.2 version of it, move back to the main plugin subversion
> branch? This would allow quick patches to the plugin to be done, with out
> having to spin a whole LifeType release.
>
> --Paul
>
>
> On 2/28/08, pwestbro at devel.lifetype.net <pwestbro at devel.lifetype.net> wrote:
>
>
> Author: pwestbro
> Date: 2008-02-29 01:49:43 -0500 (Fri, 29 Feb 2008)
> New Revision: 6192
>
> Modified:
>
> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/blacklist.inc.ph
> p
> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/msie.inc.php
>
> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/version.inc.php
>
> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/whitelist.inc.ph
> p
>
> plog/branches/lifetype-1.2/plugins/badbehavior/pluginbadbehavior.class.php
> Log:
> Checked in version 2.0.13 of bad behavior
>
>
> Modified:
> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/blacklist.inc.ph
> p
> ===================================================================
> ---
> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/blacklist.inc.ph
> p 2008-02-28 10:54:49 UTC (rev 6191)
> +++
> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/blacklist.inc.ph
> p 2008-02-29 06:49:43 UTC (rev 6192)
> @@ -1,113 +1,113 @@
> -<?php if (!defined('BB2_CORE')) die('I said no cheating!');
> -
> -function bb2_blacklist($package) {
> -
> - // Blacklisted user agents
> - // These user agent strings occur at the beginning of the line.
> - $bb2_spambots_0 = array(
> - "<sc", // XSS exploit attempts
> - "8484 Boston Project", // video poker/porn spam
> - "adwords", // referrer spam
> - "autoemailspider", // spam harvester
> - "blogsearchbot-martin", // from honeypot
> - "Digger", // spam harvester
> - "ecollector", // spam harvester
> - "EmailCollector", // spam harvester
> - "Email Extractor", // spam harvester
> - "Email Siphon", // spam harvester
> - "EmailSiphon", // spam harvester
> - "grub crawler", // misc comment/email spam
> - "HttpProxy", // misc comment/email spam
> - "Internet Explorer", // XMLRPC exploits seen
> - "Jakarta Commons", // custommised spambots
> - "Java 1.", // definitely a spammer
> - "Java/1.", // definitely a spammer
> - "libwww-perl", // spambot scripts
> - "LWP", // spambot scripts
> - "Microsoft URL", // spam harvester
> - "Missigua", // spam harvester
> - "MJ12bot", // crawls MUCH too fast
> - "Movable Type", // customised spambots
> - "Mozilla ", // malicious software
> - "Mozilla/4.0(", // from honeypot
> - "Mozilla/4.0+(", // suspicious harvester
> - "MSIE", // malicious software
> - "NutchCVS", // unidentified robots
> - "Nutscrape/", // misc comment spam
> - "OmniExplorer", // spam harvester
> - "psycheclone", // spam harvester
> - "PussyCat ", // misc comment spam
> - "PycURL", // misc comment spam
> - "Shockwave Flash", // spam harvester
> - "TrackBack/", // trackback spam
> - "user", // suspicious harvester
> - "User Agent: ", // spam harvester
> - "User-Agent: ", // spam harvester
> - "Wordpress", // malicious software
> - "\"", // malicious software
> - );
> -
> - // These user agent strings occur anywhere within the line.
> - $bb2_spambots = array(
> - "\r", // A really dumb bot
> - "; Widows ", // misc comment/email spam
> - "a href=", // referrer spam
> - "Bad Behavior Test", // Add this to your user-agent to
> test BB
> - "compatible ; MSIE", // misc comment/email spam
> - "compatible-", // misc comment/email spam
> - "DTS Agent", // misc comment/email spam
> - "Gecko/25", // revisit this in 500 years
> - "grub-client", // search engine ignores robots.txt
> - "hanzoweb", // very badly behaved crawler
> - "Indy Library", // misc comment/email spam
> - "larbin at unspecified", // stealth harvesters
> - "Murzillo compatible", // comment spam bot
> - ".NET CLR 1)", // free poker, etc.
> - "POE-Component-Client", // free poker, etc.
> - "Turing Machine", // www.anonymizer.com abuse
> - "WebaltBot", // spam harvester
> - "WISEbot", // spam harvester
> - "WISEnutbot", // spam harvester
> - "Windows NT 4.0;)", // wikispam bot
> - "Windows NT 5.0;)", // wikispam bot
> - "Windows NT 5.1;)", // wikispam bot
> - "Windows XP 5", // spam harvester
> - "\\\\)", // spam harvester
> - );
> -
> - // These are regular expression matches.
> - $bb2_spambots_regex = array(
> - "/^[A-Z]{10}$/", // misc email spam
> - "/^Mozilla...[05]$/i", // fake user agent/email spam
> - "/[bcdfghjklmnpqrstvwxz ]{8,}/",
> -// "/(;\){1,2}$/", // misc spammers/harvesters
> -// "/MSIE.*Windows XP/", // misc comment spam
> - );
> -
> - // Do not edit below this line.
> -
> - $ua = $package['headers_mixed']['User-Agent'];
> -
> - foreach ($bb2_spambots_0 as $spambot) {
> - $pos = stripos($ua, $spambot);
> - if ($pos !== FALSE && $pos == 0) {
> - return "17f4e8c8";
> - }
> - }
> -
> - foreach ($bb2_spambots as $spambot) {
> - if (stripos($ua, $spambot) !== FALSE) {
> - return "17f4e8c8";
> - }
> - }
> -
> - foreach ($bb2_spambots_regex as $spambot) {
> - if (preg_match($spambot, $ua)) {
> - return "17f4e8c8";
> - }
> - }
> -
> - return FALSE;
> -}
> -
> -?>
> +<?php if (!defined('BB2_CORE')) die('I said no cheating!');
> +
> +function bb2_blacklist($package) {
> +
> + // Blacklisted user agents
> + // These user agent strings occur at the beginning of the line.
> + $bb2_spambots_0 = array(
> + "<sc", // XSS exploit attempts
> + "8484 Boston Project", // video poker/porn spam
> + "adwords", // referrer spam
> + "autoemailspider", // spam harvester
> + "blogsearchbot-martin", // from honeypot
> + "Digger", // spam harvester
> + "ecollector", // spam harvester
> + "EmailCollector", // spam harvester
> + "Email Extractor", // spam harvester
> + "Email Siphon", // spam harvester
> + "EmailSiphon", // spam harvester
> + "grub crawler", // misc comment/email spam
> + "HttpProxy", // misc comment/email spam
> + "Internet Explorer", // XMLRPC exploits seen
> + "Jakarta Commons", // custommised spambots
> + "Java 1.", // definitely a spammer
> + "Java/1.", // definitely a spammer
> + "libwww-perl", // spambot scripts
> + "LWP", // spambot scripts
> + "Microsoft URL", // spam harvester
> + "Missigua", // spam harvester
> + "MJ12bot", // crawls MUCH too fast
> + "Movable Type", // customised spambots
> + "Mozilla ", // malicious software
> + "Mozilla/4.0(", // from honeypot
> + "Mozilla/4.0+(", // suspicious harvester
> + "MSIE", // malicious software
> + "NutchCVS", // unidentified robots
> + "Nutscrape/", // misc comment spam
> + "OmniExplorer", // spam harvester
> + "psycheclone", // spam harvester
> + "PussyCat ", // misc comment spam
> + "PycURL", // misc comment spam
> + "Shockwave Flash", // spam harvester
> + "TrackBack/", // trackback spam
> + "user", // suspicious harvester
> + "User Agent: ", // spam harvester
> + "User-Agent: ", // spam harvester
> + "Wordpress", // malicious software
> + "\"", // malicious software
> + );
> +
> + // These user agent strings occur anywhere within the line.
> + $bb2_spambots = array(
> + "\r", // A really dumb bot
> + "; Widows ", // misc comment/email spam
> + "a href=", // referrer spam
> + "Bad Behavior Test", // Add this to your user-agent to
> test BB
> + "compatible ; MSIE", // misc comment/email spam
> + "compatible-", // misc comment/email spam
> + "DTS Agent", // misc comment/email spam
> + "Gecko/25", // revisit this in 500 years
> + "grub-client", // search engine ignores robots.txt
> + "hanzoweb", // very badly behaved crawler
> + "Indy Library", // misc comment/email spam
> + "larbin at unspecified", // stealth harvesters
> + "Murzillo compatible", // comment spam bot
> + ".NET CLR 1)", // free poker, etc.
> + "POE-Component-Client", // free poker, etc.
> + "Turing Machine", // www.anonymizer.com abuse
> + "WebaltBot", // spam harvester
> + "WISEbot", // spam harvester
> + "WISEnutbot", // spam harvester
> + "Windows NT 4.0;)", // wikispam bot
> + "Windows NT 5.0;)", // wikispam bot
> + "Windows NT 5.1;)", // wikispam bot
> + "Windows XP 5", // spam harvester
> + "\\\\)", // spam harvester
> + );
> +
> + // These are regular expression matches.
> + $bb2_spambots_regex = array(
> + "/^[A-Z]{10}$/", // misc email spam
> + "/^Mozilla...[05]$/i", // fake user agent/email spam
> + "/[bcdfghjklmnpqrstvwxz ]{8,}/",
> +// "/(;\){1,2}$/", // misc spammers/harvesters
> +// "/MSIE.*Windows XP/", // misc comment spam
> + );
> +
> + // Do not edit below this line.
> +
> + $ua = $package['headers_mixed']['User-Agent'];
> +
> + foreach ($bb2_spambots_0 as $spambot) {
> + $pos = strpos($ua, $spambot);
> + if ($pos !== FALSE && $pos == 0) {
> + return "17f4e8c8";
> + }
> + }
> +
> + foreach ($bb2_spambots as $spambot) {
> + if (strpos($ua, $spambot) !== FALSE) {
> + return "17f4e8c8";
> + }
> + }
> +
> + foreach ($bb2_spambots_regex as $spambot) {
> + if (preg_match($spambot, $ua)) {
> + return "17f4e8c8";
> + }
> + }
> +
> + return FALSE;
> +}
> +
> +?>
>
> Modified:
> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/msie.inc.php
> ===================================================================
> --- plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/msie.inc.php
> 2008-02-28 10:54:49 UTC (rev 6191)
> +++ plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/msie.inc.php
> 2008-02-29 06:49:43 UTC (rev 6192)
> @@ -1,24 +1,25 @@
> -<?php if (!defined('BB2_CORE')) die('I said no cheating!');
> -
> -// Analyze user agents claiming to be MSIE
> -
> -function bb2_msie($package)
> -{
> - if (!array_key_exists('Accept', $package['headers_mixed'])) {
> - return "17566707";
> - }
> -
> - // MSIE does NOT send "Windows ME" or "Windows XP" in the user agent
> - if (strpos($package['headers_mixed']['User-Agent'], "Windows ME")
> !== FALSE || strpos($package['headers_mixed']['User-Agent'], "Windows XP")
> !== FALSE || strpos($package['headers_mixed']['User-Agent'], "Windows 2000")
> !== FALSE || strpos($package['headers_mixed']['User-Agent'], "Win32") !==
> FALSE) {
> - return "a1084bad";
> - }
> -
> - // MSIE does NOT send Connection: TE
> - if (preg_match('/\bTE\b/i',
> $package['headers_mixed']['Connection'])) {
> - return "2b90f772";
> - }
> -
> - return false;
> -}
> -
> -?>
> +<?php if (!defined('BB2_CORE')) die('I said no cheating!');
> +
> +// Analyze user agents claiming to be MSIE
> +
> +function bb2_msie($package)
> +{
> + if (!array_key_exists('Accept', $package['headers_mixed'])) {
> + return "17566707";
> + }
> +
> + // MSIE does NOT send "Windows ME" or "Windows XP" in the user agent
> + if (strpos($package['headers_mixed']['User-Agent'], "Windows ME")
> !== FALSE || strpos($package['headers_mixed']['User-Agent'], "Windows XP")
> !== FALSE || strpos($package['headers_mixed']['User-Agent'], "Windows 2000")
> !== FALSE || strpos($package['headers_mixed']['User-Agent'], "Win32") !==
> FALSE) {
> + return "a1084bad";
> + }
> +
> + // MSIE does NOT send Connection: TE but Akamai does
> + // Bypass this test when Akamai detected
> + if (!array_key_exists('Akamai-Origin-Hop',
> $package['headers_mixed']) && preg_match('/\bTE\b/i',
> $package['headers_mixed']['Connection'])) {
> + return "2b90f772";
> + }
> +
> + return false;
> +}
> +
> +?>
>
> Modified:
> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/version.inc.php
> ===================================================================
> ---
> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/version.inc.php
> 2008-02-28 10:54:49 UTC (rev 6191)
> +++
> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/version.inc.php
> 2008-02-29 06:49:43 UTC (rev 6192)
> @@ -1,3 +1,3 @@
> -<?php if (!defined('BB2_CWD')) die("I said no cheating!");
> -define('BB2_VERSION', "2.0.11");
> -?>
> +<?php if (!defined('BB2_CWD')) die("I said no cheating!");
> +define('BB2_VERSION', "2.0.13");
> +?>
>
> Modified:
> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/whitelist.inc.ph
> p
> ===================================================================
> ---
> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/whitelist.inc.ph
> p 2008-02-28 10:54:49 UTC (rev 6191)
> +++
> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/whitelist.inc.ph
> p 2008-02-29 06:49:43 UTC (rev 6192)
> @@ -1,56 +1,58 @@
> -<?php if (!defined('BB2_CORE')) die('I said no cheating!');
> -
> -function bb2_whitelist($package)
> -{
> - // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
> -
> - // Inappropriate whitelisting WILL expose you to spam, or cause Bad
> - // Behavior to stop functioning entirely! DO NOT WHITELIST unless
> you
> - // are 100% CERTAIN that you should.
> -
> - // IP address ranges use the CIDR format.
> -
> - // Includes four examples of whitelisting by IP address and
> netblock.
> - $bb2_whitelist_ip_ranges = array(
> - "10.0.0.0/8",
> - "172.16.0.0/12",
> - "192.168.0.0/16",
> -// "127.0.0.1",
> - );
> -
> - // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
> -
> - // Inappropriate whitelisting WILL expose you to spam, or cause Bad
> - // Behavior to stop functioning entirely! DO NOT WHITELIST unless
> you
> - // are 100% CERTAIN that you should.
> -
> - // You should not whitelist search engines by user agent. Use the IP
> - // netblock for the search engine instead. See
> http://whois.arin.net/
> - // to locate the netblocks for an IP.
> -
> - // User agents are matched by exact match only.
> -
> - // Includes one example of whitelisting by user agent.
> - // All are commented out.
> - $bb2_whitelist_user_agents = array(
> - // "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
> It's me, let me in",
> - );
> -
> - // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
> -
> - // Do not edit below this line
> -
> - if (!empty($bb2_whitelist_ip_ranges)) {
> - foreach ($bb2_whitelist_ip_ranges as $range) {
> - if (match_cidr($package['ip'], $range)) return true;
> - }
> - }
> - if (!empty($bb2_whitelist_user_agents)) {
> - foreach ($bb2_whitelist_user_agents as $user_agent) {
> - if (!strcmp($package['headers_mixed']['User-Agent'],
> $user_agent)) return true;
> - }
> - }
> - return false;
> -}
> -
> -?>
> +<?php if (!defined('BB2_CORE')) die('I said no cheating!');
> +
> +function bb2_whitelist($package)
> +{
> + // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
> +
> + // Inappropriate whitelisting WILL expose you to spam, or cause Bad
> + // Behavior to stop functioning entirely! DO NOT WHITELIST unless
> you
> + // are 100% CERTAIN that you should.
> +
> + // IP address ranges use the CIDR format.
> +
> + // Includes four examples of whitelisting by IP address and
> netblock.
> + $bb2_whitelist_ip_ranges = array(
> + "64.191.203.34/32", // Digg whitelisted as of 2.0.12
> + "208.67.217.130/32", // Digg whitelisted as of 2.0.12
> + "10.0.0.0/8",
> + "172.16.0.0/12",
> + "192.168.0.0/16",
> +// "127.0.0.1",
> + );
> +
> + // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
> +
> + // Inappropriate whitelisting WILL expose you to spam, or cause Bad
> + // Behavior to stop functioning entirely! DO NOT WHITELIST unless
> you
> + // are 100% CERTAIN that you should.
> +
> + // You should not whitelist search engines by user agent. Use the IP
> + // netblock for the search engine instead. See
> http://whois.arin.net/
> + // to locate the netblocks for an IP.
> +
> + // User agents are matched by exact match only.
> +
> + // Includes one example of whitelisting by user agent.
> + // All are commented out.
> + $bb2_whitelist_user_agents = array(
> + // "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
> It's me, let me in",
> + );
> +
> + // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
> +
> + // Do not edit below this line
> +
> + if (!empty($bb2_whitelist_ip_ranges)) {
> + foreach ($bb2_whitelist_ip_ranges as $range) {
> + if (match_cidr($package['ip'], $range)) return true;
> + }
> + }
> + if (!empty($bb2_whitelist_user_agents)) {
> + foreach ($bb2_whitelist_user_agents as $user_agent) {
> + if (!strcmp($package['headers_mixed']['User-Agent'],
> $user_agent)) return true;
> + }
> + }
> + return false;
> +}
> +
> +?>
>
> Modified:
> plog/branches/lifetype-1.2/plugins/badbehavior/pluginbadbehavior.class.php
> ===================================================================
> ---
> plog/branches/lifetype-1.2/plugins/badbehavior/pluginbadbehavior.class.php
> 2008-02-28 10:54:49 UTC (rev 6191)
> +++
> plog/branches/lifetype-1.2/plugins/badbehavior/pluginbadbehavior.class.php
> 2008-02-29 06:49:43 UTC (rev 6192)
> @@ -20,7 +20,7 @@
> $this->desc = "Bad Behavior for LifeType";
> $this->author = "The Lifetype Project";
> $this->db =& Db::getDb();
> - $this->version = "20071205";
> + $this->version = "20080228";
>
> $config =& Config::getConfig();
> $prefix = Db::getPrefix();
>
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://limedaley.com/mailman/listinfo/plog-svn
>
>
>
>
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://limedaley.com/mailman/listinfo/plog-svn
>
>
>
>
--
Jon Daley
http://jon.limedaley.com/
No idea that sits in your head is there rent free.
If the idea is not "useful", get rid of it.
-- Dr. Richard Farmer
More information about the pLog-svn
mailing list