plog trackspam 記錄

edited 十月 2013 in 個人資訊管理
在 plog 中裝了這個外掛:
http://wiki.plogworld.org.tw/index.php/PLog_1.0/Plugins/validatetrackback

雖然 trackback spam 減少了,但還是無法完全根除,因此在運作機制中安插了一個紀錄,看看他們是透過什麼樣的方式發送廣告;剛剛發現有五筆資料進入,其中兩筆資料逃過了驗證機制,而五筆資料都是來自不同的 IP ,因此猜想這是不是某個小程式中的後門程式作祟,下面是這五筆資料的摘要:

1.
[_url] => http:// www . lepcart . com / texas-hold-em.html
   [_title] => online texas hold\'em
   [_articleId] => 39
   [_excerpt] => Check these:  party poker  rag texas hold em .
   [_blogName] => online texas hold\'em
   [_date] => 20051101084415
   [CONTENT_LENGTH] => 342
   [CONTENT_TYPE] => application/x-www-form-urlencoded
   [HTTP_USER_AGENT] => Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
   [REMOTE_ADDR] => 202.67.148.122
   [REMOTE_PORT] => 4048
    [GATEWAY_INTERFACE] => CGI/1.1
   [SERVER_PROTOCOL] => HTTP/1.0
   [REQUEST_METHOD] => POST
   [QUERY_STRING] => id=39

2.
    [_url] => http:// www . rhodashomes . com / play-blackjack.html
   [_title] => play blackjack for fun
   [_articleId] => 60
   [_excerpt] => Check these:  cash play blackjack  blackjack online .
   [_blogName] => play blackjack for fun
   [_date] => 20051101081648
    [CONTENT_LENGTH] => 368
   [CONTENT_TYPE] => application/x-www-form-urlencoded
    [HTTP_USER_AGENT] => Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
   [HTTP_VIA] => 1.1 Proxy2 (NetCache NetApp/5.6.1)
   [HTTP_X_FORWARDED_FOR] => 85.187.163.55
    [REMOTE_ADDR] => 200.219.184.81
   [REMOTE_PORT] => 6736
  [GATEWAY_INTERFACE] => CGI/1.1
   [SERVER_PROTOCOL] => HTTP/1.1
   [REQUEST_METHOD] => POST
   [QUERY_STRING] => id=60

3.
    [_url] => http:// www . rhodashomes . com / play-blackjack.html
   [_title] => play blackjack for fun
   [_articleId] => 36
   [_excerpt] => Check these:  blackjack online jam  play blackjack .
   [_blogName] => play blackjack for fun
   [_date] => 20051101081316
    [CONTENT_LENGTH] => 367
   [CONTENT_TYPE] => application/x-www-form-urlencoded
    [HTTP_USER_AGENT] => Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
    [REMOTE_ADDR] => 66.210.239.34
   [REMOTE_PORT] => 2688
    [GATEWAY_INTERFACE] => CGI/1.1
   [SERVER_PROTOCOL] => HTTP/1.0
   [REQUEST_METHOD] => POST
   [QUERY_STRING] => id=36

4.
    [_url] => http:// www . lepcart . com / texas-hold-em.html
   [_title] => texas hold\'em poker
   [_articleId] => 68
   [_excerpt] => Check these:  party poker  texas hold em .
   [_blogName] => texas hold\'em poker
   [_date] => 20051101080408
    [CONTENT_LENGTH] => 336
   [CONTENT_TYPE] => application/x-www-form-urlencoded
    [HTTP_USER_AGENT] => Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
    [REMOTE_ADDR] => 219.14.144.3
   [REMOTE_PORT] => 3427
    [GATEWAY_INTERFACE] => CGI/1.1
   [SERVER_PROTOCOL] => HTTP/1.0
   [REQUEST_METHOD] => POST
   [QUERY_STRING] => id=68

5.
    [_url] => http:// www . lepcart . com / texas-hold-em.html
   [_title] => texas hold\'em game
   [_articleId] => 35
   [_excerpt] => Check these:  texas hold em  party poker .
   [_blogName] => texas hold\'em game
   [_date] => 20051101080003
    [CONTENT_LENGTH] => 334
   [CONTENT_TYPE] => application/x-www-form-urlencoded
    [HTTP_USER_AGENT] => Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
    [REMOTE_ADDR] => 69.11.157.46
   [REMOTE_PORT] => 4711
    [GATEWAY_INTERFACE] => CGI/1.1
   [SERVER_PROTOCOL] => HTTP/1.0
   [REQUEST_METHOD] => POST
   [QUERY_STRING] => id=35

現在沒空,所以只能消極的在看到紀錄時砍資料,先貼著,等有空再來研究吧。

原始討論: http://twpug.net/x/modules/newbb/viewtopic.php?topic_id=971

評論

Sign In or Register to comment.