April 14, 2004
this is what a comment spamming script looks like
Host: 213.91.217.13
Url: /blog/archives/001137.html
Http Code : 200
Date: Apr 14 10:16:44
Http Version: HTTP/1.1"
Size in Bytes: 11922
Referer: http://www.cleverhack.comhttp://WWW.cleverhack.com/cgi-bin/mt/mt-comments.cgi
Agent: MSIE 5.0
This appears to be a script using an email of top@tredgf.com. Just so you know.
Posted by joy at April 14, 2004 10:22 AM | TrackBackAll of a sudden I've been getting some agressive comment spamming on my offline blog. The following was posted as a comment to 4 different blog entries.
>Comments: WMD
>Erase this message and you'll never see it again. ( - >Spamentermine) http://www.spamaddress.com >15.2728019821556
>Posted by Spamentermine at 20.04.04 23:58
Funny thing is that this started happening AFTER I took my blog offline and put my BB in its place. I rewrote the blog index.html into a simple redirect to my BB cgi script. Later on, I got an email stating that someone posted to my blog. Say what? Netscape and Safari showed nothing weird (and yes, I did the whole refresh/empty cache/delete history thing) but when I went to my BB with Explorer, I was served my old, supposedly offline blog. Thinking that maybe my ISP had a hiccup I simply rewrote the redirect.
Well, it happened again. I immediately went to check permissions and sure enough, index.html was 777. Oops. I could have sworn that I had chmoded that properly. That was a rookie move on my part. Or is there a security hole I need to be aware of?
Exactly what are these spammers sending out to take advantage of such situations?
Posted by: rudy at April 25, 2004 04:10 PM