From owner-freebsd-security Sat May 22 20:27:31 1999 Delivered-To: freebsd-security@freebsd.org Received: from lariat.lariat.org (lariat.lariat.org [206.100.185.2]) by hub.freebsd.org (Postfix) with ESMTP id 89F7F14F95 for ; Sat, 22 May 1999 20:27:28 -0700 (PDT) (envelope-from brett@lariat.org) Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.lariat.org [206.100.185.2]) by lariat.lariat.org (8.9.3/8.9.3) with ESMTP id VAA21729; Sat, 22 May 1999 21:27:11 -0600 (MDT) Message-Id: <4.2.0.37.19990522212103.04683cc0@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.37 (Beta) Date: Sat, 22 May 1999 21:23:59 -0600 To: David Babler , Gregory Sutter From: Brett Glass Subject: Re: Denial of service attack from "imagelock.com" Cc: security@FreeBSD.ORG In-Reply-To: References: <19990522181624.B93974@001101.zer0.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Greg, David: Apparently, their ISP, ABOVE.NET, does listen to complaints. It would probably help others like us if you (and anyone else who's been hit by imagelock.com) could send accounts of these incidents to noc@above.net, carlos@akshun.above.net, and dlr@above.net. --Brett Glass At 06:40 PM 5/22/99 -0700, David Babler wrote: >On Sat, 22 May 1999, Gregory Sutter wrote: > > > On Sat, May 22, 1999 at 11:05:28AM -0600, Brett Glass wrote: > > > This morning, someone at the domain "imagelock.com" apparently > launched a > > > denial of service attack against a Web server I administer. The > abuser was > > > repeatedly downloading large image files simultaneously. While the log > > > entries say that the user agent was "Mozilla > > > /3.01C-PBWF", this was clearly spoofed; no Netscape user could possibly > > > browse that fast. > > > > imagelock.com has been banned from my web servers ever since they > > initiated a DoS attack against me a few months ago. Basically, they > > download every accessible file on a website. The company's MO is to > > check all images, etc. on a site in order to determine where on teh > > web "copyrighted information" is being stored, so people can be > > prosecuted for misusing copyrighted images. > > > > Not only does their hard-hitting web client suck, their business model > > is disgusting. I hate everything about these people; I hope their > > skulls accidentally get crushed by a steamroller. > >Their web client also gleefully ignores robots.txt as well, and spent 2 >hours here chasing web poisoned pages - apparently quitting only when it >didn't find any images to fingerprint. So they're now blocked here at the >firewall too - thanks for the heads-up. Wonder how much they can sell >their service for when they find they don't have access to poke around? > >-Dave > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message