From owner-freebsd-security Sat May 22 22: 1:46 1999 Delivered-To: freebsd-security@freebsd.org Received: from waveconcepts.com (waveconcepts.com [207.126.116.40]) by hub.freebsd.org (Postfix) with ESMTP id 54332152D2 for ; Sat, 22 May 1999 22:01:38 -0700 (PDT) (envelope-from siberian@siberian.org) Received: from [199.108.171.41] ([199.108.171.41]) by waveconcepts.com (8.9.2/8.9.2) with ESMTP id WAA06391 for ; Sat, 22 May 1999 22:00:20 -0700 (PDT) Mime-Version: 1.0 X-Sender: siberian@207.126.116.40 Message-Id: In-Reply-To: <4.2.0.37.19990522212103.04683cc0@localhost> References: <19990522181624.B93974@001101.zer0.org> <4.2.0.37.19990522212103.04683cc0@localhost> Date: Sat, 22 May 1999 21:56:17 -0700 To: security@FreeBSD.ORG From: John Armstrong Subject: Re: Denial of service attack from "imagelock.com" Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Also hit abuse@above.net. They take these things really seriously, I know, I have been shutdown by them before for relaying mail. John- At 9:23 PM -0600 5/22/99, Brett Glass wrote: >Greg, David: > >Apparently, their ISP, ABOVE.NET, does listen to complaints. It would probably >help others like us if you (and anyone else who's been hit by imagelock.com) >could send accounts of these incidents to noc@above.net, >carlos@akshun.above.net, >and dlr@above.net. > >--Brett Glass > >At 06:40 PM 5/22/99 -0700, David Babler wrote: > > >>On Sat, 22 May 1999, Gregory Sutter wrote: >> >> > On Sat, May 22, 1999 at 11:05:28AM -0600, Brett Glass wrote: >> > > This morning, someone at the domain "imagelock.com" apparently >>launched a >> > > denial of service attack against a Web server I administer. >>The abuser was >> > > repeatedly downloading large image files simultaneously. While the log >> > > entries say that the user agent was "Mozilla >> > > /3.01C-PBWF", this was clearly spoofed; no Netscape user could possibly >> > > browse that fast. >> > >> > imagelock.com has been banned from my web servers ever since they >> > initiated a DoS attack against me a few months ago. Basically, they >> > download every accessible file on a website. The company's MO is to >> > check all images, etc. on a site in order to determine where on teh >> > web "copyrighted information" is being stored, so people can be >> > prosecuted for misusing copyrighted images. >> > >> > Not only does their hard-hitting web client suck, their business model >> > is disgusting. I hate everything about these people; I hope their >> > skulls accidentally get crushed by a steamroller. >> >>Their web client also gleefully ignores robots.txt as well, and spent 2 >>hours here chasing web poisoned pages - apparently quitting only when it >>didn't find any images to fingerprint. So they're now blocked here at the >>firewall too - thanks for the heads-up. Wonder how much they can sell >>their service for when they find they don't have access to poke around? >> >>-Dave >> >> >> >>To Unsubscribe: send mail to majordomo@FreeBSD.org >>with "unsubscribe freebsd-security" in the body of the message > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message -------------------------------------------------------------------- "..it seems, to put an even more bizarre twist to the story, that it is not illegal to export listings of encryption programs. Presumably, the enemies of freedom cannot read." - Apache : The Definitive Guide To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message