On Thu, 2007-06-28 at 15:46 -0400, Phil Barnett wrote: > I'm going to try this, but with a 5 minute wait. I run it in the middle of > the > night anyway, who cares how long it takes. > > Actually, the proper response might be a random wait.
The HTML that gets sent by SARE is: <HTML><HEAD><META HTTP-EQUIV="Refresh" CONTENT="0.1"> <META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <META HTTP-EQUIV="Expires" CONTENT="-1"> </HEAD></HTML> If this were downloaded to a browser, it would cause the browser to refresh the page after .1 second and the page would not be cached. A five minute wait should certainly be more than adequate and might be appropriate if the refresh page were sent in response to excessive server load. I suspect, though, that it may be a pacer of some sort designed to deflect the kind of DDoS attack that brought down Rules Emporium earlier this month. I don't know what would be gained by a random wait. As a couple of people have pointed out to me, though, you can use sa-update to retrieve the same rules data as per the instructions at http://saupdates.openprotect.com . -- Lindsay Haisley | "In an open world, | PGP public key FMP Computer Services | who needs Windows | available at 512-259-1190 | or Gates" | http://pubkeys.fmp.com http://www.fmp.com | |
