hello drh, list
I used to think that only in my country they can forbid
knives and forks because someone can misuse them, but
obviously it is true for other countries too.
Regards,
Emily
Peter James wrote:
On 1/30/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Thoughts anyone? Are there less drastic measures that might
be taken to prevent this kind of abuse?
A couple of people here mentioned CAPTCHAs. This is sort of the standard
for preventing automated abuse
On 1/30/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Last night, a single user (or, at least, a single IP address)
in China that self-identified as running windows98 and
Mozilla 4.0 attempted to download sqlite-3.3.12.tar.gz
24980 times and sqlite-source-3_3_12.zip 25044 times
over about a 5
Maybe you can limit the times per hour that a single IP address can
download something from your web site.
For example max 50 download per file per hour for a single IP address.
This prevents current and future abuses...
---
Marco Bambini
http://www.sqlabs.net
http://www.sqlabs.net/blog/
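The per-address, per-file hourly cap suggested in the message above, as an added example (not code from the thread or from sqlite.org). The class and function names, the sample addresses and the request timings are constructed for illustration; the 50-per-hour figure is the one proposed in the message.

```python
from collections import defaultdict, deque


class DownloadLimiter:
    """Sliding-window cap on downloads per (client IP, file)."""

    def __init__(self, max_hits=50, window=3600):
        self.max_hits = max_hits
        self.window = window                 # window length in seconds
        self._hits = defaultdict(deque)      # (ip, path) -> timestamps of served requests

    def allow(self, ip, path, now):
        q = self._hits[(ip, path)]
        # Forget served requests that have aged out of the window.
        while q and now - q[0] >= self.window:
            q.popleft()
        if len(q) >= self.max_hits:
            # Refused requests are not recorded, so each key holds at most max_hits entries.
            return False
        q.append(now)
        return True


def replay(events, limiter):
    """Replay (timestamp, ip, path) tuples; return served and refused counts per (ip, path)."""
    served, refused = defaultdict(int), defaultdict(int)
    for ts, ip, path in events:
        if limiter.allow(ip, path, ts):
            served[(ip, path)] += 1
        else:
            refused[(ip, path)] += 1
    return dict(served), dict(refused)


def sample_events():
    """Constructed traffic: one address fetching the tarball once a second for
    five minutes, one ordinary visitor, and one late request after the window."""
    noisy = "203.0.113.7"        # documentation-range address, constructed
    normal = "198.51.100.20"     # documentation-range address, constructed
    tarball = "/sqlite-3.3.12.tar.gz"
    events = [(t, noisy, tarball) for t in range(300)]
    events.append((120, normal, tarball))
    events.append((3700, noisy, tarball))   # earlier hits have expired by now
    return sorted(events)
```

Because the key is the client address, every user behind one shared proxy or NAT gateway draws on the same budget.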
[EMAIL PROTECTED] wrote:
But lately, there have been so many problems coming from
win98 and moz4 that I'm thinking of banning all traffic
that self-identifies as such in the User-Agent string of
the HTTP header.
Thoughts anyone? Are there less drastic measures that might
be taken to
| Last night, a single user (or, at least, a single IP address)
| in China that self-identified as running windows98 and
| Mozilla 4.0 attempted to download sqlite-3.3.12.tar.gz
| 24980 times and sqlite-source-3_3_12.zip 25044 times
| over about a 5 hour period, sucking up significant
| bandwidth
[EMAIL PROTECTED] was heard to say:
Thoughts anyone? Are there less drastic measures that might
be taken to prevent this kind of abuse?
Frankly, I can't imagine someone sitting in China in front of a Win98 box and
hitting the download button 25044 times. I guess this is scripted, and they
On Tue, 30 Jan 2007 12:58:01 +, [EMAIL PROTECTED] wrote:
Last night, a single user (or, at least, a single IP address)
in China that self-identified as running windows98 and
Mozilla 4.0 attempted to download sqlite-3.3.12.tar.gz
24980 times and sqlite-source-3_3_12.zip 25044 times
over about
You could adapt this ruleset used to block ssh bruteforce attacks:
( quoting from http://www.la-samhna.de/library/brutessh.html )
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set \
--name SSH -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -m recent --update --seconds 60
[EMAIL PROTECTED] wrote:
Thoughts anyone? Are there less drastic measures that might
be taken to prevent this kind of abuse?
Headers can always be forged as to browser and OS. Attackers will
eventually figure it out and then you're back to the drawing board
again. As tempting as this
On Tue, 30 Jan 2007, Mark Richards wrote:
Returning a link that expires in an email to the requester is a method
that works nicely. It does require some programming and maintenance, but
would be a nice gatekeeper.
Rather than this, I support the idea of an image with letters and digits
in
Mark Richards [EMAIL PROTECTED] wrote:
Headers can always be forged as to browser and OS. Attackers will
eventually figure it out and then you're back to the drawing board
again.
Everybody seems to assume that the problem is an attack. I
say that you should never attribute to malice
My server has been under heavy attack in the past few hours and I am
also looking for a way to lock out abusers. I am thinking of making a
change to tcpwrappers to identify abusers and place them on the deny
list. I want to permit mobile users to access services like POP3 but to
deny an
It may not be as innocent as you suspect. There are well organized
hacking schemes in China, with Chinese Government support in some cases.
One of these may have been practising on your site. The header is not
conclusive evidence of its origin.
[EMAIL PROTECTED] wrote:
Mark Richards
On Tue, 30 Jan 2007, [EMAIL PROTECTED] wrote:
Everybody seems to assume that the problem is an attack. I say that you
should never attribute to malice what can be explained by simple
stupidity.
In this context, Richard, I think your original idea of blocking the OS
and/or antique version of
Abuse of the SQLite website
On Tue, 30 Jan 2007, Mark Richards wrote:
Returning a link that expires in an email to the requester is a method
that works nicely. It does require some programming and maintenance, but
would be a nice gatekeeper.
Rather than this, I support the idea of an image
[EMAIL PROTECTED] wrote:
Something stupid like that. Maybe somebody can have a look
at the HTTP reply headers that www.sqlite.org issues and point
out any problems.
http://validator.w3.org/ reports a couple of minor problems (missing character
encoding, no DOCTYPE and a couple of spurious /p
[EMAIL PROTECTED] wrote:
Everybody seems to assume that the problem is an attack. I
say that you should never attribute to malice what can be
explained by simple stupidity.
I agree, it is quite probably an unintentional attack.
So my question is really more like this: Who will get upset
On Tue, 2007-01-30 at 12:58 +, [EMAIL PROTECTED] wrote:
Last night, a single user (or, at least, a single IP address)
in China that self-identified as running windows98 and
Mozilla 4.0 attempted to download sqlite-3.3.12.tar.gz
24980 times and sqlite-source-3_3_12.zip 25044 times
over
* Terry Jones:
Given 50K attempts in 5 hours, this is either a bug somewhere or it's
automated, likely the latter.
I've seen broken proxies which acted as accidental traffic amplifiers.
It's not necessarily a deliberate attack.
I fix computers for customers during evenings and weekends and I
only have 2 customers (so far) using Windows 98. Nearly everyone, even
the many seniors among my clients, uses Windows XP and/or OS X.
I feel that banning Win 98 machines is therefore appropriate. Serious
developers wouldn't
When the date was Tuesday 30 January 2007 16:53, [EMAIL PROTECTED] wrote:
So my question is really more like this: Who will get upset
if www.sqlite.org ceases to function for win98 users?
You can definitely answer this question based on server's logs but still,
banning users based on OS/UA
[EMAIL PROTECTED] wrote:
Thoughts anyone? Are there less drastic measures that might
be taken to prevent this kind of abuse?
It will take a little bit of work, but one solution is to start
throttling traffic for the relevant parties, increasing the throttling
the more they seem to abuse your
On 1/30/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Thoughts anyone? Are there less drastic measures that might
be taken to prevent this kind of abuse?
A couple of people here mentioned CAPTCHAs. This is sort of the standard
for preventing automated abuse (intentional or