Date: Sat, 05 Jun 1999 23:57:51 +1000 From: "Chris " <cconel@aussie.org> To: "freebsd-security@FreeBSD.ORG" <freebsd-security@FreeBSD.ORG> Subject: Re: Net abuse/DOS with Teleport Pro ? Message-ID: <199906051356.XAA09263@mail.aussie.org>
next in thread | raw e-mail | index | archive | help
On Fri, 4 Jun 1999 21:54:58 -0700 (PDT), Brook Miles wrote: >If you view the /Docs/ directory with a web-browser you will likely be >presented with the directory listing and automatically generated links >labeled "Name", "Last Modified" and so on above the columns...clicking on >"Name" for example links to /Docs/?N=D which will give you the same list >but sorted by name in descending order. Aha ... now I know where the ?N=D and suchlike rubbish is coming from. From what I can tell, then, Teleport Pro is evidently so bug-infested that it can't tell it's arse from its head. Or something like that. Sigh. While I could just ban teleport pro agents from the site, then the users would just tell it to impersonate something else. Sounds like I need to think about writing an apache module that's smart enough to spot patterns of abuse and cut them off (has anyone already done this?). ['Patterns of abuse'. Like automatically cutting off someone like the kind user at fluke.com who recently decided to grab one of our entire sites, along with about 2gb of image files, by setting up some software (unknown) to make roughly 60 concurrent HTTP connections. The fluke folks told me that they used NAT at their firewall and 'didn't keep logs', and so couldn't reprimand the user responsible. Sigh.] -- Chris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199906051356.XAA09263>