Re: DOS ATTACK

[Richard Archer <rha () juggernaut com au>]

At 23:59 -0500 27/10/02, Hunt, Jim wrote:

> I have a friend that has a DOS Attack going on against their website.
> It is being done by someone with a very popular website trying to
> squash a little guy.  He is doing it be placing 1 pixel by 1 pixel
> inline frames in his webpages and having them load my friends webpage.
> It is killing his server and bandwidth.

Well, we've seen some completely clueless responses to this one,
but some good ideas are flowing now.

Here's another.

Add some Javascript to your page to break out of the frame.
Add this to the pages he's linking to, and every hit on
his site will effectively load your friend's. If these guys
are competitors, all his traffic will finish up at your
friend's site... a *very* nice boon to business.

And the good thing about this is that it's a very standard
technique on the web, and he won't be able to sue you for
defamation, unlike some of the other suggestions we've seen.

The javascript runs something like:

if (parent.frames.length > 0) {
    parent.location.href = self.document.location;
}

This effectively runs recursively until your page is in the
top frame of the window.


The other option is to hire some solicitors with big feet to
go stomp on him. There are several cases I've heard of where
sub-framing someone else's content has been upheld as a
copyright violation.

Perhaps run the Javascript until all his clients have seen
your site, then send the lowyers after him. I think that's
what I'd do.

 ...Richard.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com