Date: Fri, 4 Jun 1999 22:20:02 +0100 From: Ben Smithurst <ben@scientia.demon.co.uk> To: Chris <cconel@aussie.org> Cc: security@FreeBSD.ORG Subject: Re: Net abuse/DOS with Teleport Pro ? Message-ID: <19990604222002.A23089@rainbow5.scientia.demon.co.uk> In-Reply-To: <199906041843.EAA08014@mail.aussie.org> References: <199906041843.EAA08014@mail.aussie.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Chris wrote: > During two periods over two days, a person using a agent that identified > itself as 'Teleport Pro/1.26' made over ---THIRTY THOUSAND--- hits on my web > server (at a rate of roughly one per second), repeatedly asking for the same > (or similar) rubbish URL, as such ... > > /Docs/?S=A?M=A?N=A?S=D?N=A?S=D?S=D > /Docs/?S=A?M=A?N=A?S=D?N=A?S=D?S=A > /Docs/?S=A?M=A?N=A?S=D?N=A?S=D?S=M > > and a number of variations of this. All came from the same IP address. > > I have not used this software and am unaware of its abilities, but I am > amazed that any responsible firm would distribute software that could be so > easily abused in this way. What it is doing seems, to me, to be either a user > doing something silly, or a bug in teleport pro (more likely the latter). Teleport Pro is a program which fetches websites by following all links to a certain depth, for offline viewing. Looks like it got caught in one of Apache's directory indexes and got confused. I'd say it's a bug in Teleport Pro, not interpreting the links properly, and not any deliberate abuse. -- Ben Smithurst ben@scientia.demon.co.uk To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990604222002.A23089>