severity 516708 serious
quit

Looking through my server (www.uk.debian.org) logs recently I noticed
a very persistent user, asking for libc6 and locales (mostly) packages,
which had dropped out of the archive by being upgraded.

The client is identifying itself as "DebTorrent/T-0.1.9", so I presume
it's the fault of this package.

To illustrate the point, here's a rummage through last week's logs:

r...@free:/etc/nginx/sites-enabled# sed -ne 's#^\([.0-9]*\) .*GET \(.*\) HTTP/1.1. 404 .*DebTorrent/T-0.1.9.*$#\1 \2#p' /var/log/apache2/access.log.1 | sort | uniq -c | sort -nr
  67524 62.56.120.168 /debian/pool/main/g/glibc/locales_2.3.6.ds1-13etch7_all.deb
  25733 62.56.120.168 /debian/pool/main/g/glibc/locales-all_2.3.6.ds1-13etch7_amd64.deb
  19365 62.56.120.168 /debian/pool/main/g/glibc/libc6_2.3.6.ds1-13etch7_amd64.deb
  19318 62.56.120.168 /debian/pool/main/n/net-snmp/libsnmp-base_5.2.3-7etch2_all.deb
  17987 62.56.120.168 /debian/pool/main/g/glibc/libc6-i386_2.3.6.ds1-13etch7_amd64.deb
  14428 62.56.91.212 /debian/pool/main/g/glibc/locales_2.3.6.ds1-13etch7_all.deb
  10542 212.225.125.23 /debian/pool/main/g/glibc/locales_2.3.6.ds1-13etch7_all.deb
   6816 62.56.120.168 /debian/pool/main/g/glibc/libc6-dev-i386_2.3.6.ds1-13etch7_amd64.deb
   6507 62.56.120.168 /debian/pool/main/n/net-snmp/libsnmp9_5.2.3-7etch2_amd64.deb
   6078 62.56.91.212 /debian/pool/main/g/glibc/libc6-i386_2.3.6.ds1-13etch7_amd64.deb
   5003 62.56.120.168 /debian/pool/main/g/glibc/libc6-dev_2.3.6.ds1-13etch7_amd64.deb
   4495 62.56.91.212 /debian/pool/main/g/glibc/libc6-dev_2.3.6.ds1-13etch7_amd64.deb
   3840 212.225.125.23 /debian/pool/main/g/glibc/libc6-i386_2.3.6.ds1-13etch7_amd64.deb
   3779 62.56.91.212 /debian/pool/main/g/glibc/locales-all_2.3.6.ds1-13etch7_amd64.deb
   3366 62.56.91.212 /debian/pool/main/n/net-snmp/libsnmp-base_5.2.3-7etch2_all.deb
   2707 62.56.120.168 /debian/pool/main/n/net-snmp/snmp_5.2.3-7etch2_amd64.deb
   2476 62.56.120.168 /debian/pool/main/s/streamripper/streamripper_1.61.27-1_amd64.deb
   2115 212.225.125.23 /debian/pool/main/n/net-snmp/libsnmp9_5.2.3-7etch2_amd64.deb
   2098 212.225.125.23 /debian/pool/main/g/glibc/locales-all_2.3.6.ds1-13etch7_amd64.deb
   1791 62.56.91.212 /debian/pool/main/s/streamripper/streamripper_1.61.27-1_amd64.deb
   1586 62.56.91.212 /debian/pool/main/g/glibc/libc6_2.3.6.ds1-13etch7_amd64.deb
   1337 212.225.125.23 /debian/pool/main/g/glibc/libc6_2.3.6.ds1-13etch7_amd64.deb
   1055 212.225.125.23 /debian/pool/main/n/net-snmp/snmp_5.2.3-7etch2_amd64.deb

r...@free:/etc/nginx/sites-enabled# wc -l /var/log/apache2/access.log.1
7481751 /var/log/apache2/access.log.1

So, only 1% of the requests, but then again most of that is from a single 
client.

In the case of the file:

  /debian/pool/main/g/glibc/locales_2.3.6.ds1-13etch7_all.deb

212.225.125.23's asked for it about 18000 times in the last 15 hours.

It seems to have first asked, and received a 404, at 11/Oct/2009:07:18:34 +0100.

If DebTorrent were to become even slightly popular while this bug
persists, this could easily become a DDoS against our mirror network,
so I'm marking this bug as serious.

Cheers, Phil.
-- 
|)|  Philip Hands [+44 (0)20 8530 9560]    http://www.hands.com/
|-|  HANDS.COM Ltd.                    http://www.uk.debian.org/
|(|  10 Onslow Gardens, South Woodford, London  E18 1NE  ENGLAND
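
The tally from the sed pipeline in the report, generalised to any user agent and extended with the time of each client's first 404 for a path, as an added example that is not part of the original report. The function names, the threshold argument and the sample log lines (documentation-range addresses, made-up timestamps) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original report).
# repeated_404s MIN: read a "combined"-format access log on stdin and print
#   count<TAB>client<TAB>path<TAB>user-agent<TAB>first-404-time
# for every (client, path, agent) with at least MIN 404 responses.
# Assumes no escaped double quotes inside the request or agent fields.
repeated_404s() {
    awk -F'"' -v min="${1:-1}" '
        NF < 6 { next }                  # not a combined-format line
        {
            split($1, pre, " ")          # client ident user [time zone]
            split($2, req, " ")          # method path protocol
            split($3, res, " ")          # status bytes
            if (res[1] != "404") next
            key = pre[1] "\t" req[2] "\t" $6
            if (!(key in hits)) first[key] = substr(pre[4], 2)
            hits[key]++
        }
        END {
            for (key in hits)
                if (hits[key] >= min)
                    print hits[key] "\t" key "\t" first[key]
        }
    ' | sort -nr
}

# Constructed sample log: one client retrying missing files, one normal client.
sample_log() {
    cat <<'EOF'
192.0.2.10 - - [11/Oct/2009:07:18:34 +0100] "GET /debian/pool/main/g/glibc/locales_2.3.6.ds1-13etch7_all.deb HTTP/1.1" 404 345 "-" "DebTorrent/T-0.1.9"
192.0.2.10 - - [11/Oct/2009:07:18:35 +0100] "GET /debian/pool/main/g/glibc/locales_2.3.6.ds1-13etch7_all.deb HTTP/1.1" 404 345 "-" "DebTorrent/T-0.1.9"
192.0.2.10 - - [11/Oct/2009:07:18:35 +0100] "GET /debian/pool/main/g/glibc/libc6_2.3.6.ds1-13etch7_amd64.deb HTTP/1.1" 404 345 "-" "DebTorrent/T-0.1.9"
192.0.2.10 - - [11/Oct/2009:07:18:36 +0100] "GET /debian/pool/main/g/glibc/locales_2.3.6.ds1-13etch7_all.deb HTTP/1.1" 404 345 "-" "DebTorrent/T-0.1.9"
192.0.2.10 - - [11/Oct/2009:07:18:37 +0100] "GET /debian/pool/main/g/glibc/locales_2.3.6.ds1-13etch7_all.deb HTTP/1.1" 404 345 "-" "DebTorrent/T-0.1.9"
192.0.2.10 - - [11/Oct/2009:07:18:38 +0100] "GET /debian/pool/main/g/glibc/libc6_2.3.6.ds1-13etch7_amd64.deb HTTP/1.1" 404 345 "-" "DebTorrent/T-0.1.9"
192.0.2.10 - - [11/Oct/2009:07:18:39 +0100] "GET /debian/dists/etch/Release HTTP/1.1" 200 58 "-" "DebTorrent/T-0.1.9"
198.51.100.7 - - [11/Oct/2009:07:19:02 +0100] "GET /debian/pool/main/g/glibc/locales_2.3.6.ds1-13etch7_all.deb HTTP/1.1" 404 345 "-" "Debian APT-HTTP/1.3 (0.7.20)"
EOF
}

# Report anything that hit the same missing file three or more times.
sample_log | repeated_404s 3
```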


