Date: Sat, 22 May 1999 11:05:28 -0600 From: Brett Glass <brett@lariat.org> To: security@FreeBSD.ORG Subject: Denial of service attack from "imagelock.com" Message-ID: <4.2.0.37.19990522105949.0465d4a0@localhost>
next in thread | raw e-mail | index | archive | help
This morning, someone at the domain "imagelock.com" apparently launched a denial of service attack against a Web server I administer. The abuser was repeatedly downloading large image files simultaneously. While the log entries say that the user agent was "Mozilla /3.01C-PBWF", this was clearly spoofed; no Netscape user could possibly browse that fast. Because that server has a limited amount of Internet bandwidth, and because it also handles several dial-up connections and Web sites, many people were being severely impacted by this abuse. When we attempted to trace the attack to the source, we noted that the abuser was attempting to prevent the determination of his or her address by enabling reverse but not forward name resolution. We locked them out of the Web server, but not before they brought several e-commerce Web sites to a crawl. Who are these people? Sincerely, Brett Glass, System Administrator To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.2.0.37.19990522105949.0465d4a0>