Date: Fri, 04 Jun 1999 17:04:58 +0100 From: steve caturan <scaturan@ix.netcom.com> To: Chris <cconel@aussie.org> Cc: "security@FreeBSD.ORG" <security@FreeBSD.ORG> Subject: Re: Net abuse/DOS with Teleport Pro ? Message-ID: <3757F92A.1AA9FA9B@ix.netcom.com> References: <199906041843.EAA08014@mail.aussie.org>
next in thread | previous in thread | raw e-mail | index | archive | help
howdy, i believe Teleport Pro is quite similar to BlackWidow ( softbytelabs.com or softbytelab.com)..which is a "webspider". A "site leecher" basically...used by many scan-collectors to leech off pics, zip, mp3s and so on from various websites without having to necessarily use a browser. steve caturan (chye-fhut) scaturan@ix.netcom.com Chris wrote: > > Upon processing my logs for the past few days, I noted an anamoly with regard > to one particular directory. I checked out the logs manually. > > During two periods over two days, a person using a agent that identified > itself as 'Teleport Pro/1.26' made over ---THIRTY THOUSAND--- hits on my web > server (at a rate of roughly one per second), repeatedly asking for the same > (or similar) rubbish URL, as such ... > > /Docs/?S=A?M=A?N=A?S=D?N=A?S=D?S=D > /Docs/?S=A?M=A?N=A?S=D?N=A?S=D?S=A > /Docs/?S=A?M=A?N=A?S=D?N=A?S=D?S=M > > and a number of variations of this. All came from the same IP address. > > I have not used this software and am unaware of its abilities, but I am > amazed that any responsible firm would distribute software that could be so > easily abused in this way. What it is doing seems, to me, to be either a user > doing something silly, or a bug in teleport pro (more likely the latter). > > Anyone seen this ? > > -- Chris > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3757F92A.1AA9FA9B>