Date: Mon, 24 May 1999 08:50:08 -0700 (PDT) From: Marc Slemko <marcs@znep.com> To: Brett Glass <brett@lariat.org> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Denial of service attack from "imagelock.com" Message-ID: <Pine.BSF.4.05.9905240845240.24565-100000@alive.znep.com> In-Reply-To: <4.2.0.37.19990524092545.0474cd50@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 24 May 1999, Brett Glass wrote: > At 10:45 AM 5/24/99 +0000, Joao Assad wrote: > > >In my logs I see a 10 secs interval between each request. > > In some of the ones I administer, it was 3 seconds or > less. And it ramps up, as if one of their scavengers > feeds URLs to the others. > > So much for the 3-10 minutes they claim! 3-10 minutes? Ha. I was seeing 10-20 hits per second on some machines, with hundreds of thousands of hits per day. Their robot is broken because it doesn't follow proper robot etiquette (eg. robots.txt, using a reasonable useragent, etc.), it does not behave like a "nice" robot should to lessen resource use, it apparently has no methods in place to stop it from crawling infinite loops in CGI scripts or other dynamic content, plus it is horribly dumb and appears to like randomly adding '/'s onto the end of URLs to see if it gets anything useful, plus it can't even parse HTML properly half the time. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9905240845240.24565-100000>