[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Attack on my server

Subject: Re: [cobalt-users] Attack on my server
From: "David Black" <DavidBlack@xxxxxxxxxxxxxxx>
Date: Sat Dec 30 22:34:01 2000
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

You could also use javascript to display the text "nudity"
for human visitors but it would be meaningless to spiders:

<script language="javascript">
<!--
document.write('nu');
document.write('dity');
// -->
</script>

:D

----- Original Message -----
From: "Alfredo" <alfredo@xxxxxxxxxxxxxxx>
To: <cobalt-users@xxxxxxxxxxxxxxx>
Sent: Saturday, December 30, 2000 11:28 PM
Subject: Re: [cobalt-users] Attack on my server


> >After long conversations with cobalt and watching the incredible amount
of
> >Apache servers that continue to spawn on my server while watching "top"
from
> >telnet. We strongly believe that we are under attack through sym_flood or
> >some other flood attempt. In looking at my netstats I see that not only
are
> >there a few sym_recv coming through I also have a really unusual amount
of
> >time_wait as well.  It is very important that I get this site up and
running
> >soon. Please help.
> >
>
> Leslie!
>
> I just checked your site and then did another check on a couple of
> password crack sites. Although yours is a tasteful and professional
> photography site, you are being listed as an "adult content" site by
> "password cracker" sites all over the Internet! That would produce
> lots of hits with the user/pass combo since all these sites actually
> share the same information and your auth scheme may be choking since
> lots of people are trying to get in there with that same user/pass
> combo.
>
> You say on your home page that you DO have some nudity on the site
> and that wording is enough to draw cracker spiders and start the
> feeding frenzy! I always check those cracker sites when we have a
> problem like this one because we got burned with a site very similar
> to yours (top notch photographer's portfolio with a "pro" member's
> section for sharing tips and all that). She just wanted to warn
> parents that she did have a couple of nudes on the site! Best
> intentions...! The spiders caught the word "nudity" and her site was
> down in a few hours!
>
> All WE did was have her change the url of the members' section and
> that helped hugely because it didn't trigger the authorization
> programs anymore and eliminated time-outs. After a day or so, the
> crack sites no longer bothered her and our server was purring away at
> full speed.
>
> Not sure that this is your only problem or if it's the best solution
> but I just thought it would be a good idea to let you know.
>
> Alfredo
> --
> People-Link/Institute for Mass Communications
> www.people-link.org
> Communications for a Better World...and for the People Who are Building
One!
> Members, Local 1180, Communications Workers of America, AFL-CIO
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>

References:
- Re: [cobalt-users] Attack on my server
  - From: Alfredo

Prev by Date: Re: [cobalt-users] CR Customers
Next by Date: [cobalt-users] Autoresponder
Previous by thread: Re: [cobalt-users] Attack on my server
Next by thread: Re: [cobalt-users] Attack on my server

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index