[JaxPM] wget, etc...
j proctor
jproctor at oit.umass.edu
Fri Aug 3 12:59:54 CDT 2001
On the jacksonville-pm-list; Jax.PM'er j proctor <jproctor at oit.umass.edu> wrote -
> This is much like how if I wanted to compromise your systems, I would
> want to do a little port scanning. I would never do fast portscans over
> many ports, I'd scan only a couple important ports from different hosts
> from at/cron jobs at random times from random hosts.
>
[...]
>
> This sort of approach does start to breakdown in the context we're
> discussing it, needing thousands of files from a web server. Doing it
> slowly would really suck ;)
If you have access to several different hosts (on different networks),
then it's concievable you have access to quite a few hosts on quite a few
networks. Such things are not unheard of in security circles these days
(DDoS, anyone?).
If that's the case, it's fairly easy to arrange a coordinated sweep of the
site from widely disparate places. Over the course of a few hours, you
could get every page without any particular host doing more than an
obvious handful. Pepper the initial request with a bogus referer (search
term from AltaVista or something), and you've still got the entire site.
j
Jax.PM Moderator's Note:
This message was posted to the Jacksonville Perl Monger's Group listserv.
The group manager can be reached at -- owner-jacksonville-pm-list at pm.org
to whom send all praises, complaints, or comments...
More information about the Jacksonville-pm
mailing list