Are you sure about that? I am trying his script and I just had an "attack"
and I watched the traffic through my firewall software. It dropped off
immediately, i.e. showed no activity. I was expecting to see somekind of a
persistant connection, but It doesn't seem to be there. I tested it myself
and got the same results. My browser just sat there spinning, but there was
no traffic in and out of my site.
--
Gaylen
[EMAIL PROTECTED]
http://www.gaylenandmargie.com
PHP KISGB v1.2 Guestbook http://www.gaylenandmargie.com/publicscripts
"Sean Straw / Pse" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> At 13:48 2001-09-21 -0700, Bill Rausch wrote:
> > sleep( 300 );
> >
> >I felt that if nothing else I could slow the worm down a little by
> >wasting its time before it races off to the next potential target.
> >Does what I'm doing make any sense or am I all confused?
>
> I do like the concept behind the sleep idea, but this is going to tie up
> acesses to *YOUR* server, which means you're literally setting yourself up
> for a DoS. I doubt that was a design goal.
>
> I think setting up a script which hands off the vitising IP address to
your
> firewall and stealths the requests would be much better. If I could get
an
> answer to a cache implementation question I posted here this morning, I'd
> be moving along to providing such a facility to those interested...
>
> FTR, the implementation I have in place right now is invoked via a
> rewriterule in apache, so I don't log 404 errors.
>
> ---
> Please DO NOT carbon me on list replies. I'll get my copy from the
list.
>
> Sean B. Straw / Professional Software Engineering
> Post Box 2395 / San Rafael, CA 94912-2395
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
