Date: Tue, 15 Oct 2002 04:02:23 -0700 From: Benjamin Krueger <benjamin@seattleFenix.net> To: Arkadi Kosmynin <ank@ozinsight.com> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: An attack? Does it happen to anybody else? Message-ID: <20021015110223.GA15252@surreal.seattlefenix.net> In-Reply-To: <000f01c27434$903aa8c0$0200a8c0@anna> References: <000f01c27434$903aa8c0$0200a8c0@anna>
next in thread | previous in thread | raw e-mail | index | archive | help
* Arkadi Kosmynin (ank@ozinsight.com) [021015 03:21]: > Hi, > > > There were 3 incidents of high volume downloading from our site during the > past week. I can't understand what is going on and would appreciate any info > on the issue. > > I checked our logs: > > Folks from 195.210.137.130 downloaded ~140MB of the same file. > Folks from 212.160.201.118 ~ 350MB. > Folks from 213.17.138.154 ~ 590MB. > > This hurts us. What can I do about it? > > > Thanks, > > Arkadi. You neglect to mention what service (ftp, http?) this is affecting, what they were downloading, and whether the content is publicly available. Personally, I never recommend that one assume every painful action on the internet is malicious. Often folks end up acting hostile in return, only to find that the problem was simply misconfigured software or a misguided server administrator. If it hurts, stop it. Block the hosts at the firewall, contact the administrator of those machines or that network space, remove or move the files, use tcp wrappers to lock them out, implement rate limiting, hide the content behind a username and password, or cry. All are reasonable options, and all but one are productive. -- Benjamin Krueger ---------------------------------------------------------------- Send mail w/ subject 'send public key' or query for (0x251A4B18) Fingerprint = A642 F299 C1C1 C828 F186 A851 CFF0 7711 251A 4B18 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021015110223.GA15252>