Security Incidents mailing list archives
Re: your mail
From: Nick Phillips <nwp () CHECKAPRICE COM>
Date: Fri, 27 Oct 2000 13:49:28 +0000
On Thu, Oct 26, 2000 at 08:39:12AM -0600, Mike Lewinski wrote:
> Heh, this thing wants to portscan us, plus check that the webserver it's sending the client to is actually up. Probably DNS resolution takes so long that the "client" is sitting there repeatedly hitting the refresh button and bitching at their ISP (whose servers are being packet flooded by load balancers at the moment....)
I don't know that this is the place to discuss this, but...

There seem to be so many of these idiots out there making so many assumptions, would it not be a Good Thing to sit down and thrash out a standard which would enable all the load balancers to get what they need (and no more) from clients without triggering alarm bells?

If someone (?) could come up with a protocol which would enable them to send a packet to the client which would elicit a useful response from any client (compliant or not - I guess your average home user wouldn't need to run the service, whereas a firewall/proxy/whatever might get better value if they did), then maybe we could all stop wasting our time on them, and they'd get more useful data back. And everyone would have less rubbish floating around the net.

If you defined maximum permissible request quantities and rates, some way to say "sod off, I don't want you probing for this information", and that "no response" definitely means that you shouldn't keep trying, that should about do it. Shouldn't it?

Maybe a firewall/router could do some kind of transparent proxying and give a response back that tells the requestor that the response is valid for a whole netblock (or several) if it wanted to, too.

Just a thought...

Nick