--- Satya satyap@satya.virtualave.net wrote:
On Jul 20, 2001 at 01:13, Philip S Tellis wrote:
Sometime on Jul 19, Satya assembled some asciibets
to say: [someone else said:]
Sure looks like one. Log the IP and complain to
the
ISP as well as to CAUCE.
Unless it's a DoS, he has no reasonable cause to
complain. And why
CAUCE?
I don't think a DoS works if a hit happens once in
five to twelve hours.
Maybe you ought to read up on the differences between buffer overflows and DoS attacks.:-)
Yes, which is why you have no real cause for complaint. The URL is suspicious, but can you complain about a suspicious request based on that particular one? (That is not a rhetorical question.)
If someone hits my server with oversized packets designed to cause a buffer overflow, I would most definitely regards it as a cause for complaint. DoS has nothing to do with this stuff, since here the attacker is trying to compromise the HTTP server process by causing a buffer overrun and dropping into a system shell. There is IMO legitimate cause for a complaint to the originating ISP, since they will then presumably put the attacker under watch. This just might serve as a deterrent to future attacks.
And CAUCE has no bearing on this at all. Coalition Against Unsolicited Commercial Email? It's HTTP, not SMTP.
Quite.
Krishnan
__________________________________________________ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail http://personal.mail.yahoo.com/