On 1 May 2013 11:11, Graham Leggett <minf...@sharp.fm> wrote: > On 01 May 2013, at 11:34 AM, Marian Marinov <m...@yuhu.biz> wrote: > >> Actually, what we are observing is completely opposite to what you are >> saying. >> Delaying spam bots, brute force attacks, and vulnerability scanners >> significantly decreases the amount of requests we get from them. >> So, our observation tells us, that if you pretend that your machine is slow, >> the bots abandon this IP and continue to the next one. > > I don't see what difference this makes practically from the perspective of a > bot. A server that returns 404 to a bot is of no interest to that bot. > Whether that bot gave up because it saw a 404, or because it perceived the > box to be too slow to bother is moot, in either case the bot isn't interested > in that host anyway. > > Remember we're talking about bots, not people. Bots don't get bored, they > don't get "dismayed" or "disillusioned", they just crack on with the job > they've been given to do, massively, in parallel. > > I think bots would prefer it if servers it wasn't interested in returned > nothing, as it means less incoming traffic for the bot to process, and > potentially a lower chance that the bot would be discovered.
The fact you cannot explain the evidence does not invalidate the evidence. Jeez.