From owner-freebsd-security Sat May 22 18:40:55 1999 Delivered-To: freebsd-security@freebsd.org Received: from Rigel.orionsys.com (rigel.orionsys.com [205.148.224.9]) by hub.freebsd.org (Postfix) with ESMTP id 13B0D151C5 for ; Sat, 22 May 1999 18:40:48 -0700 (PDT) (envelope-from root@Rigel.orionsys.com) Received: from localhost (root@localhost) by Rigel.orionsys.com (8.8.8/8.8.8) with ESMTP id SAA28611; Sat, 22 May 1999 18:40:23 -0700 (PDT) (envelope-from root@Rigel.orionsys.com) Date: Sat, 22 May 1999 18:40:20 -0700 (PDT) From: David Babler To: Gregory Sutter Cc: Brett Glass , security@FreeBSD.ORG Subject: Re: Denial of service attack from "imagelock.com" In-Reply-To: <19990522181624.B93974@001101.zer0.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, 22 May 1999, Gregory Sutter wrote: > On Sat, May 22, 1999 at 11:05:28AM -0600, Brett Glass wrote: > > This morning, someone at the domain "imagelock.com" apparently launched a > > denial of service attack against a Web server I administer. The abuser was > > repeatedly downloading large image files simultaneously. While the log > > entries say that the user agent was "Mozilla > > /3.01C-PBWF", this was clearly spoofed; no Netscape user could possibly > > browse that fast. > > imagelock.com has been banned from my web servers ever since they > initiated a DoS attack against me a few months ago. Basically, they > download every accessible file on a website. The company's MO is to > check all images, etc. on a site in order to determine where on teh > web "copyrighted information" is being stored, so people can be > prosecuted for misusing copyrighted images. > > Not only does their hard-hitting web client suck, their business model > is disgusting. I hate everything about these people; I hope their > skulls accidentally get crushed by a steamroller. Their web client also gleefully ignores robots.txt as well, and spent 2 hours here chasing web poisoned pages - apparently quitting only when it didn't find any images to fingerprint. So they're now blocked here at the firewall too - thanks for the heads-up. Wonder how much they can sell their service for when they find they don't have access to poke around? -Dave To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message