In what I believe to be related enough to the subject of the original post, I would like
to float a proposal, to make life a bit harder for these automated hackers.
By personal observation, I note that many such attempts (the large majority in fact) end
up requesting URLs which do not exist on properly-configured servers, and thus ultimately
result in a "404 Not Found" response.
It is also in the interest of these annoying tools to be able to scan as many IP addresses
and ports as possible, within as short a time as possible, in order to locate vulnerable
targets faster.
But nevertheless, they cannot use too short a timeout for each of these URLs that they
request, otherwise they would end up neglecting a lot of juicy targets whenever their own
network connection (or the target's) is a bit slow.
On the other hand, I would suppose that legitimate well-written applications rarely
deliver responses containing links that will, when used, result in 404 responses.
So why not insert an optional parameter into Tomcat somewhere, which would have the effect
of delaying any "404 Not Found" response by a few (configurable) seconds?
I am quite sure that if this was done cleverly, its impact on the server's own load could
be minimised, and it would greatly annoy those miscreants, by forcing them to wait n times
longer for each unsuccessful attempt. No?
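
One way the delay proposed in this message could be tried today, as an added example that is not part of the original post and not Tomcat's own code: a servlet filter that holds 404 responses for a configurable time and caps how many request threads may be parked at once. The class name, the init-parameter names `delayMillis` and `maxDelayed`, their defaults, and the `jakarta.servlet` namespace are assumptions; it also assumes the 404 status is set before anything has been flushed to the client.

```java
import java.io.IOException;
import java.util.concurrent.Semaphore;
import jakarta.servlet.Filter;
import jakarta.servlet.FilterChain;
import jakarta.servlet.FilterConfig;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletResponse;

/** Hypothetical filter: delays "404 Not Found" responses by a configurable time. */
public class NotFoundDelayFilter implements Filter {
    private long delayMillis = 3000;               // assumed default delay
    private Semaphore slots = new Semaphore(20);   // assumed cap on parked threads

    @Override
    public void init(FilterConfig cfg) {
        // Hypothetical init-param names, set in the filter's web.xml declaration.
        String d = cfg.getInitParameter("delayMillis");
        String m = cfg.getInitParameter("maxDelayed");
        if (d != null) delayMillis = Long.parseLong(d);
        if (m != null) slots = new Semaphore(Integer.parseInt(m));
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        chain.doFilter(req, res);                  // let the application answer first
        if (!(res instanceof HttpServletResponse)) return;
        int status = ((HttpServletResponse) res).getStatus();
        if (status != HttpServletResponse.SC_NOT_FOUND) return;
        // Each delayed 404 occupies a request thread. When the cap is reached,
        // answer immediately so a fast scan cannot exhaust the thread pool.
        if (!slots.tryAcquire()) return;
        try {
            Thread.sleep(delayMillis);
        } catch (InterruptedException e) {
            Thread.currentThread().interrupt();    // preserve the interrupt flag
        } finally {
            slots.release();
        }
    }

    @Override
    public void destroy() { }
}
```

The filter has to be mapped to `/*` in the web application's deployment descriptor to see every request. Because it sleeps on the request thread, the cap is what bounds its cost to the server's own load.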