WEll,
Movable Type is quickly becoming insecure, and being compromised by spam generating comment posting ‘bots.
In my attempts to block these, I have two black lists. One list is a list of referers that are banned, the other is a list of IP addresses that are banned.
The problem now is that they use the pages on the site itself to generate valid referers. So It’s hard to use the referer as a way to ban anymore.
But, here’s an interesting key - I wonder if anyone knows about this:
Can you have two DIFFERENT .NET CLR’s installed at the same time? Look at the USER_AGENT reported in this log:
67.8.154.9 - - [31/Oct/2004:14:22:57 -0600] "POST /perl/MT/mt-comments.cgi HTTP/1.1" 200 123 "http://65.64.129.129/MT/archives/000010.html" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; iOpus-I-M; SV1; .NET CLR 1.1.4322; .NET CLR 1.0.3705)"
67.8.154.9 - - [31/Oct/2004:14:27:18 -0600] “GET /MT/archives/000011.html HTTP/1.1″ 200 5316 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; iOpus-I-M; SV1; .NET CLR 1.1.4322; .NET CLR 1.0.3705)”
Is that legal? I’m planning on being more restrictive based upon “.NET CLR 1.1.4322; .NET CLR 1.0.3705″ I dont think its legal to report two different version of the .NET frramework. What do you think? Microsoft?
