[27752] in North American Network Operators' Group
Re: Here we go again
daemon@ATHENA.MIT.EDU (Scott Solmonson)
Fri Mar 10 20:19:11 2000
Message-ID: <38C99E70.597A720B@speedera.com>
Date: Fri, 10 Mar 2000 17:16:32 -0800
From: Scott Solmonson <scosol@speedera.com>
MIME-Version: 1.0
To: Dan Hollis <goemon@sasami.anime.net>
Cc: "Eric A. Hall" <ehall@ehsco.com>, nanog@merit.edu
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
Dan Hollis wrote:
>
> On Fri, 10 Mar 2000, Scott Solmonson wrote:
> > Dan Hollis wrote:
> > > I was thinking the exact same thing. The DoS'er would end up DoS'ing
> > > themselves.
> > Since when does "same source address" mean "same client"?
> > Ya- start redirecting everyone to an AOL proxy...
>
> Referrer != forwarded-for.
Correct.
And even that simple snippet of code spits out *no* referrer tag for you
to filter on.
So I was assuming you meant source IP.
> When we are talking about redirecting, we are talking about redirecting to
> the DoS'ers page. Not their client.
So you would redirect them *where*?
My (I'm running my auto-refresher) "page", what ever that is?
Or the <DoS-tool-maker>'s page?
> > And all these depend on being able to identify "authentic" users-
>
> Nope
Huh? - If you're going to redirect someone, you first need to identify
them as "bad".
> Huh? The client is netscape or IE. I dont know of any way for javascript
> to override the headers the browser client sends.
Not necessarily- their site stated that a custom client was in the
works-
We all know a perl script wrapped around netcat would do nicely.
--
Scott Solmonson
Speedera Networks Inc.
-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
scosol@speedera.com / 408.970.1591
