httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nelson, Robert D." <RDNel...@Mail.Donaldson.com>
Subject RE: [users@httpd] Hacker?
Date Thu, 05 Dec 2002 01:13:07 GMT

> > What would be ideal is for each attack, the system that its scanning
> > sends back a buffer overrun and crashes the system that's 
> trying to scan
> > it...
> > 
> > That would be an easy way for NT/2000 Admin's to realise they are
> > running an unpatched system
> 
> I've seen this idea mentioned before.  I would be interested 
> in putting 
> something like that on my personal server.  If they are allowed to 
> request arbitrary URLs on my server, I should be able to do 
> the same to 
> their's.
> 
> Anyone have any examples?

I hate to be the voice of reason here, but why are you talking about
damaging someone else's systems simply because they are infected with a
virus/worm?  Wouldn't it make more sense to write a program that does a ARIN
IP lookup and emails the IP owner about the probable infection (and nicely
asks them to switch to Apache/*nix)?  Maybe even something that simply
blocks requests from that IP for a few minutes/hours until the requests go
away.

Oh, and one of the key *features* of the net is that arbitrary requests to
your systems can be made.  I'm not saying that these requests are nice, but
you don't have any right (real or implied) to stop people from requesting
URLs.

IMHO, blind retaliation like this only causes more problems on the net.

 ~ Robert


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message