On 1/30/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Last night, a single user (or, at least, a single IP address)
in China that self-identified as running windows98 and
Mozilla 4.0 attempted to download sqlite-3.3.12.tar.gz
24980 times and sqlite-source-3_3_12.zip 25044 times
over about a
Peter James wrote:
On 1/30/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Thoughts anyone? Are there less drastic measures that might
be taken to prevent this kind of abuse?
A couple of people here mentioned CAPTCHA's. This is sort of the
standard
for preventing automated abuse (intenti
hello drh, list
I used to think that only in my country they can forbid
knives and forks because someone can misuse them, but
obviously it is true for other countries too.
Regards,
Emily
-
Спортни залагания!
bg.sportingbet.com
-
On 1/30/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Thoughts anyone? Are there less drastic measures that might
be taken to prevent this kind of abuse?
A couple of people here mentioned CAPTCHA's. This is sort of the standard
for preventing automated abuse (intentional or unintentional
[EMAIL PROTECTED] wrote:
> Thoughts anyone? Are there less drastic measures that might
> be taken to prevent this kind of abuse?
It will take a little bit of work, but one solution is to start
throttling traffic for the relevant parties, increasing the throttling
the more they seem to abuse your
When the date was Tuesday 30 January 2007 16:53, [EMAIL PROTECTED] wrote:
> So my question is really more like this: Who will get upset
> if www.sqlite.org ceases to function for win98 users?
You can definitely answer this question based on server's logs but still,
banning users based on OS/UA
I fix computers for customers during evenings and weekends and I have
only have 2 customers (so far) using Windows 98. Nearly everyone, even
the many seniors among my clients, use Windowx XP and/or OS X.
I feel that banning Win 98 machines is therefore appropriate. Serious
developers wouldn't
* Terry Jones:
> Given 50K attempts in 5 hours, this is either a bug somewhere or it's
> automated, likely the latter.
I've seen broken proxies which acted as accidental traffic amplifiers.
It's not necessarily a deliberate attack.
On Tue, 2007-01-30 at 12:58 +, [EMAIL PROTECTED] wrote:
> Last night, a single user (or, at least, a single IP address)
> in China that self-identified as running windows98 and
> Mozilla 4.0 attempted to download sqlite-3.3.12.tar.gz
> 24980 times and sqlite-source-3_3_12.zip 25044 times
> ove
[EMAIL PROTECTED] wrote:
Everybody seems to assume that the problem is an attack. I
say that you should never attribute to malice what can be
explained by simple stupidity.
I agree, it is quite probably an unintentional "attack".
So my question is really more like this: Who will get upset
[EMAIL PROTECTED] wrote:
Something stupid like that. Maybe somebody can have a look
at the HTTP reply headers that www.sqlite.org issues and point
out any problems.
http://validator.w3.org/ reports a couple of minor problems (missing character
encoding, no DOCTYPE and a couple of spurious tag
Would not adding verification cause a problem for those include the
downloading of sqlite in bash/make files of certain apps.
Lloydie T
- Original Message -
From: "Rich Shepard" <[EMAIL PROTECTED]>
To:
Sent: Tuesday, January 30, 2007 2:50 PM
Subject: Re: [sqlite] Abu
On Tue, 30 Jan 2007, [EMAIL PROTECTED] wrote:
Everybody seems to assume that the problem is an attack. I say that you
should never attribute to malice what can be explained by simple
stupidity.
In this context, Richard, I think your original idea of blocking the OS
and/or antique version of
It may not be as innocent as you suspect. There are well organized
hacking schemes in China, with Chinese Government support in some cases.
One of these may have been practising on your site. The header is not
conclusive evidence of its origin.
[EMAIL PROTECTED] wrote:
Mark Richards <[EMAI
My server has been under heavy attack in the past few hours and I am
also looking for a way to lock out abusers. I am thinking of making a
change to tcpwrappers to identify abusers and place them on the deny
list. I want to permit mobile users to access services like POP3 but to
deny an untru
Mark Richards <[EMAIL PROTECTED]> wrote:
>
> Headers can always be forged as to browser and OS. Attackers will
> eventually figure it out and then you're back to the drawing board
> again.
Everybody seems to assume that the problem is an attack. I
say that you should never attribute to malic
On Tue, 30 Jan 2007, Mark Richards wrote:
Returning a link that expires in an email to the requester is a method
that works nicely. It does require some programming and maintenance, but
would be a nice gatekeeper.
Rather than this, I support the idea of an image with letters and digits
in va
[EMAIL PROTECTED] wrote:
Thoughts anyone? Are there less drastic measures that might
be taken to prevent this kind of abuse?
Headers can always be forged as to browser and OS. Attackers will
eventually figure it out and then you're back to the drawing board
again. As tempting as this solu
You could adapt this ruleset used to block ssh bruteforce attacks:
( quoting from http://www.la-samhna.de/library/brutessh.html )
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set \
--name SSH -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -m recent --update --seconds
60 --
On Tue, 30 Jan 2007 12:58:01 +, [EMAIL PROTECTED] wrote:
>Last night, a single user (or, at least, a single IP address)
>in China that self-identified as running windows98 and
>Mozilla 4.0 attempted to download sqlite-3.3.12.tar.gz
>24980 times and sqlite-source-3_3_12.zip 25044 times
>over a
[EMAIL PROTECTED] was heard to say:
> Thoughts anyone? Are there less drastic measures that might
> be taken to prevent this kind of abuse?
Frankly, I can't imagine someone sitting in China in front of a Win98 box and
hitting the download button 25044 times. I guess this is scripted, and they
wi
| Last night, a single user (or, at least, a single IP address)
| in China that self-identified as running windows98 and
| Mozilla 4.0 attempted to download sqlite-3.3.12.tar.gz
| 24980 times and sqlite-source-3_3_12.zip 25044 times
| over about a 5 hour period, sucking up significant
| bandwidth
[EMAIL PROTECTED] wrote:
> But lately, there have been so many problems coming from
> win98 and moz4 that I'm thinking of banning all traffic
> that self-identifies as such in the User-Agent string of
> the HTTP header.
>
> Thoughts anyone? Are there less drastic measures that might
> be taken t
Maybe you can limit the times per hour that a single IP address can
download something from your web site.
For example max 50 download per file per hour for a single IP address.
This prevents current and future abuses...
---
Marco Bambini
http://www.sqlabs.net
http://www.sqlabs.net/blog/
http:/
Last night, a single user (or, at least, a single IP address)
in China that self-identified as running windows98 and
Mozilla 4.0 attempted to download sqlite-3.3.12.tar.gz
24980 times and sqlite-source-3_3_12.zip 25044 times
over about a 5 hour period, sucking up significant
bandwidth in the proce
25 matches
Mail list logo