It appears the site is under a sustained attack, CNET reports. http://news.cnet.com/8301-13578_3-20024966-38.html Andrew
On 12/8/2010 12:00 PM, andrew.wallace wrote:
It appears the site is under a sustained attack, CNET reports.
http://news.cnet.com/8301-13578_3-20024966-38.html
Andrew
It's only their main website it has not affected their ability to process payments as of yet.
On Wed, 08 Dec 2010 12:14:15 -0500 William Warren <hescominsoon@emmanuelcomputerconsulting.com> wrote:
On 12/8/2010 12:00 PM, andrew.wallace wrote:
It appears the site is under a sustained attack, CNET reports.
http://news.cnet.com/8301-13578_3-20024966-38.html
Andrew
It's only their main website it has not affected their ability to process payments as of yet.
Yes it has: http://blog.securetrading.com/2010/12/mastercard-maestro-3-d-secure/
-- John
Yes it has:
http://blog.securetrading.com/2010/12/mastercard-maestro-3-d-secure/
I've been processing cards all day for my wife's biz without any problems. -J
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Dec 8, 2010 at 2:05 PM, Jorge Amodio <jmamodio@gmail.com> wrote:
Yes it has:
http://blog.securetrading.com/2010/12/mastercard-maestro-3-d-secure/
I've been processing cards all day for my wife's biz without any problems.
At least some processing ops are experiencing problems: http://heartbeat.skype.com/2010/12/problems_with_mastercard_payme.html - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFNAAINq1pz9mNUZTMRAhbzAJ9nWU6H/X32QYEn2vVlPHKiCe2rkACgvQca sGW2ESTRue1IqJa3YkO6iEg= =xdM6 -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/
On Wed, Dec 08, 2010 at 04:05:32PM -0600, Jorge Amodio said:
Yes it has:
http://blog.securetrading.com/2010/12/mastercard-maestro-3-d-secure/
I've been processing cards all day for my wife's biz without any problems.
there are other payment processors out there for mastercard and visa, im sure in canada I dont bother clearing the charges I put through with a single master server in the US, they're probably also distributed for various reasons (fibre cuts speed of transaction, etc). When I hit the bigger grocery stores, the approval is almost instantaneous. Not sure what they're using for backhaul to where, but it aint DSL or a phone line. Taking out that kinda distributed architecture would require attacking the protocol with a self propagating attack (~Stuxnet), not the individual sites that do the processing. Im sure Mastercard has some skills on how to run an internal 'cloud'. /kc -- Ken Chase - ken@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.
google = "Operation: Payback" On Wed, Dec 8, 2010 at 9:00 AM, andrew.wallace < andrew.wallace@rocketmail.com> wrote:
It appears the site is under a sustained attack, CNET reports.
http://news.cnet.com/8301-13578_3-20024966-38.html
Andrew
On Wed, Dec 8, 2010 at 11:24 AM, Jack Bates <jbates@brightok.net> wrote:
On 12/8/2010 11:18 AM, Joseph Prasad wrote:
google = "Operation: Payback"
Sadly, our ineffective government probably won't bring these perpetrators to justice. I have no real opinion concerning wikileaks, but DOS attacks cannot be justified.
Jack
Are you prepared for "informaton terrorism" laws? -- William McCall, CCIE #25044
On 12/8/2010 11:28 AM, William McCall wrote:
Are you prepared for "informaton terrorism" laws?
DOS attacks are already illegal. I question the ability to track responsible parties down and have appropriate proof to actually prosecute. Let's be honest. Even in the 20th century, more people had been caught by bragging in public than by backtracking. Jack
On Wed, Dec 8, 2010 at 12:34 PM, Jack Bates <jbates@brightok.net> wrote:
On 12/8/2010 11:28 AM, William McCall wrote:
Are you prepared for "informaton terrorism" laws?
DOS attacks are already illegal. I question the ability to track responsible parties down and have appropriate proof to actually prosecute.
Let's be honest. Even in the 20th century, more people had been caught by bragging in public than by backtracking.
so... the loic tool uses the host's local address, the attacks are all HTTP based, or tcp/80 with malformed HTTP... someone with server logs could certainly get a list of the ips involved and hand that over to the FBI for proper action. I know that the folks involved on the MC side already have this data, and that the fbi is interested in it. -chris
The problem is that they were also slashdotted. The logs would also have a large number of unrelated. On Dec 8, 2010 12:49 PM, "Christopher Morrow" <morrowc.lists@gmail.com> wrote:
On Wed, Dec 8, 2010 at 12:34 PM, Jack Bates <jbates@brightok.net> wrote:
On 12/8/2010 11:28 AM, William McCall wrote:
Are you prepared for "informaton terrorism" laws?
DOS attacks are already illegal. I question the ability to track
responsible
parties down and have appropriate proof to actually prosecute.
Let's be honest. Even in the 20th century, more people had been caught by bragging in public than by backtracking.
so... the loic tool uses the host's local address, the attacks are all HTTP based, or tcp/80 with malformed HTTP... someone with server logs could certainly get a list of the ips involved and hand that over to the FBI for proper action.
I know that the folks involved on the MC side already have this data, and that the fbi is interested in it.
-chris
On 2010-12-08 14:06 -0600, Philip Dorr wrote:
The problem is that they were also slashdotted. The logs would also have a large number of unrelated.
"so... the loic tool uses the host's local address, the attacks are all HTTP based, or tcp/80 with malformed HTTP..." That should be easy to grep by...? -- - Olof Johansson - www: http://www.stdlib.se/ - {mail,xmpp}: olof@ethup.se - irc: zibri on Freenode/OFTC/... --
On 12/8/2010 2:37 PM, Olof Johansson wrote:
On 2010-12-08 14:06 -0600, Philip Dorr wrote:
The problem is that they were also slashdotted. The logs would also have a large number of unrelated.
"so... the loic tool uses the host's local address, the attacks are all HTTP based, or tcp/80 with malformed HTTP..."
That should be easy to grep by...?
Of course, it's debatable if use of LOIC is enough to convict. You'd have to first prove the person installed it themselves, and then you'd have to prove that they knew it would be used for illegal purposes. The hive controller, and the actual operator(s) are who they want, and that's a little more work. This has been an issue in the past, even when we knew exactly where botnet controllers were, concerning the legality of taking control to shut it down. Jack
On 08/12/2010 20:42, Jack Bates wrote:
Of course, it's debatable if use of LOIC is enough to convict. You'd have to first prove the person installed it themselves, and then you'd have to prove that they knew it would be used for illegal purposes.
Earlier this morning there were two people interviewed on the BBC radio 4 Today program (this is considered the BBC's flagship morning news/current affairs show on their serious nationwide talk radio station) about this - one was a security consultant and another was a member of/spokesman for the 'operation payback' group. One wonders why the Met Police didn't have someone waiting to have a quiet chat with the latter when he left the studio. Both of them said that people had been voluntarily downloading and installing botnet clients on their PCs in order to take part in these DDoS attacks. Ignoring, for a moment, the stupidity of such action it is hard to see how you'd be able to argue that this was *not* going to be used for illegal purposes. The other amusing part of the interview was when the security consultant started off very well explaining a DDoS in layman's terms, but then veered off using the terms HTTP, UDP and IP in one sentence causing the presenter to intervene as it "was getting a tad too technical there". Paul.
In article <4D00A373.3010806@prt.org>, Paul Thornton <prt@prt.org> writes
Earlier this morning there were two people interviewed on the BBC radio 4 Today program (this is considered the BBC's flagship morning news/current affairs show on their serious nationwide talk radio station) about this - one was a security consultant and another was a member of/spokesman for the 'operation payback' group. One wonders why the Met Police didn't have someone waiting to have a quiet chat with the latter when he left the studio.
In this case the chap was in their central studio, but the earlier technical expert wasn't (you can tell by the way he's introduced and other verbal clues). I've done several such live interviews, in the studio and both attended and unattended remote - they all work a bit differently. The police would have to act fast to get round there before he left the building, but if the interview was from a regional studio he'd be long gone. On the other hand, if the BBC got hold of him, they must have some contact details to trace him. ps I was surprised the expert claimed that Visa's service had been taken down by DDOS, despite being Akamaised. -- Roland Perry
here is the audio from BBC Radio 4. http://www.bbc.co.uk/news/technology-11935539 On Thu, Dec 9, 2010 at 1:37 AM, Paul Thornton <prt@prt.org> wrote:
On 08/12/2010 20:42, Jack Bates wrote:
Of course, it's debatable if use of LOIC is enough to convict. You'd have to first prove the person installed it themselves, and then you'd have to prove that they knew it would be used for illegal purposes.
Earlier this morning there were two people interviewed on the BBC radio 4 Today program (this is considered the BBC's flagship morning news/current affairs show on their serious nationwide talk radio station) about this - one was a security consultant and another was a member of/spokesman for the 'operation payback' group. One wonders why the Met Police didn't have someone waiting to have a quiet chat with the latter when he left the studio.
Both of them said that people had been voluntarily downloading and installing botnet clients on their PCs in order to take part in these DDoS attacks. Ignoring, for a moment, the stupidity of such action it is hard to see how you'd be able to argue that this was *not* going to be used for illegal purposes.
The other amusing part of the interview was when the security consultant started off very well explaining a DDoS in layman's terms, but then veered off using the terms HTTP, UDP and IP in one sentence causing the presenter to intervene as it "was getting a tad too technical there".
Paul.
On Dec 9, 2010, at 4:37 AM, Paul Thornton wrote:
On 08/12/2010 20:42, Jack Bates wrote:
Of course, it's debatable if use of LOIC is enough to convict. You'd have to first prove the person installed it themselves, and then you'd have to prove that they knew it would be used for illegal purposes.
Earlier this morning there were two people interviewed on the BBC radio 4 Today program (this is considered the BBC's flagship morning news/current affairs show on their serious nationwide talk radio station) about this - one was a security consultant and another was a member of/spokesman for the 'operation payback' group. One wonders why the Met Police didn't have someone waiting to have a quiet chat with the latter when he left the studio.
Both of them said that people had been voluntarily downloading and installing botnet clients on their PCs in order to take part in these DDoS attacks. Ignoring, for a moment, the stupidity of such action it is hard to see how you'd be able to argue that this was *not* going to be used for illegal purposes.
The other amusing part of the interview was when the security consultant started off very well explaining a DDoS in layman's terms, but then veered off using the terms HTTP, UDP and IP in one sentence causing the presenter to intervene as it "was getting a tad too technical there".
There is an interesting analysis in today's New York Times http://www.nytimes.com/2010/12/09/technology/09net.html?_r=1 about the attacks on Mastercard, Visa and Ebay, how they were coordinated over Twitter and Facebook, and the free speech issues that that raises for the latter two organizations. My guess is that we will shortly see security folks searching through Facebook and twitter along with IRC for signs of attack coordination. It does seem like these social attacks would lend themselves to obfuscation and steganography (i.e., you don't have to say "let's bombard Ebay with packets using X", you can say "Let's send Elisa lots of poetry using X," or something more clever), so I don't think it will remain as easy as in this case. By the way, I was amused that a Twitter spokesman boasted that "The company is not overly concerned about hackers’ attacking Twitter’s site, he said, explaining that it faces security issues all the time and has technology to deal with the situation." I hope he had his fingers crossed when he said that, as Twitter can barely keep the service functioning on a good day, with frequent outages. Regards Marshall
Paul.
On Thu, Dec 09, 2010 at 11:11:49AM -0500, Marshall Eubanks wrote:
There is an interesting analysis in today's New York Times
http://www.nytimes.com/2010/12/09/technology/09net.html?_r=1
about the attacks on Mastercard, Visa and Ebay, how they were coordinated over Twitter and Facebook, and the free speech issues that that raises for the latter two organizations.
paypal has relaxed its restrictions on Wikileaks funds: https://www.thepaypalblog.com/2010/12/updated-statement-about-wikileaks-from... amazon is selling a Kindle version of the Wikileaks released cables: http://www.amazon.co.uk/WikiLeaks-documents-expose-foreign-conspiracies/dp/B... this is all becoming quite surreal. -- Jim Mercer jim@reptiles.org +1 416 410-5633 You are more likely to be arrested as a terrorist than you are to be blown up by one. -- Dianora
so now they are making a profit from Wikileaks. true Capitalism. - *--------------------------------* * * *http://www.dailypaul.com/* * * *http://www.thenewamerican.com/* * * * -------------------------------- * * <http://www.thenewamerican.com/> * On Thu, Dec 9, 2010 at 8:29 AM, Jim Mercer <jim@reptiles.org> wrote:
On Thu, Dec 09, 2010 at 11:11:49AM -0500, Marshall Eubanks wrote:
There is an interesting analysis in today's New York Times
http://www.nytimes.com/2010/12/09/technology/09net.html?_r=1
about the attacks on Mastercard, Visa and Ebay, how they were coordinated over Twitter and Facebook, and the free speech issues that that raises for the latter two organizations.
paypal has relaxed its restrictions on Wikileaks funds:
https://www.thepaypalblog.com/2010/12/updated-statement-about-wikileaks-from...
amazon is selling a Kindle version of the Wikileaks released cables:
http://www.amazon.co.uk/WikiLeaks-documents-expose-foreign-conspiracies/dp/B...
this is all becoming quite surreal.
-- Jim Mercer jim@reptiles.org +1 416 410-5633 You are more likely to be arrested as a terrorist than you are to be blown up by one. -- Dianora
In article <20101209162936.GA9891@reptiles.org>, Jim Mercer <jim@reptiles.org> writes
amazon is selling a Kindle version of the Wikileaks released cables:
http://www.amazon.co.uk/WikiLeaks-documents-expose-foreign-conspiracies/dp/B...
this is all becoming quite surreal.
"Please note: This book contains commentary and analysis regarding recent WikiLeaks disclosures, not the original material disclosed via the WikiLeaks website." -- Roland Perry
On Thu, Dec 09, 2010 at 05:18:39PM +0000, Roland Perry wrote:
In article <20101209162936.GA9891@reptiles.org>, Jim Mercer <jim@reptiles.org> writes
amazon is selling a Kindle version of the Wikileaks released cables:
http://www.amazon.co.uk/WikiLeaks-documents-expose-foreign-conspiracies/dp/B...
this is all becoming quite surreal.
"Please note: This book contains commentary and analysis regarding recent WikiLeaks disclosures, not the original material disclosed via the WikiLeaks website."
i don't have a cache, but i'm pretty sure those comments were added after i posted. fortunately, google's cache has a better memory: http://webcache.googleusercontent.com/search?q=cache:GGCo9vYxnHUJ:www.amazon.co.uk/WikiLeaks-documents-expose-foreign-conspiracies/dp/B004EEOLIU+WikiLeaks+documents+expose+US+foreign+policy+conspiracies.+All+cables+with+tags+from+1-+5000+www.amazon.co.uk&cd=1&hl=en&ct=clnk&gl=ca -- Jim Mercer jim@reptiles.org +1 416 410-5633 You are more likely to be arrested as a terrorist than you are to be blown up by one. -- Dianora
In article <20101209180619.GA12061@reptiles.org>, Jim Mercer <jim@reptiles.org> writes
"Please note: This book contains commentary and analysis regarding recent WikiLeaks disclosures, not the original material disclosed via the WikiLeaks website."
i don't have a cache, but i'm pretty sure those comments were added after i posted.
I'm not trying to criticise the chronology; however if this book doesn't have the text of the cables, then it's worth people knowing that. -- Roland Perry
On Thu, Dec 9, 2010 at 1:23 PM, Roland Perry <lists@internetpolicyagency.com
wrote:
In article <20101209180619.GA12061@reptiles.org>, Jim Mercer < jim@reptiles.org> writes
"Please note: This book contains commentary and analysis regarding
recent WikiLeaks disclosures, not the original material disclosed via the WikiLeaks website."
i don't have a cache, but i'm pretty sure those comments were added after i posted.
I'm not trying to criticise the chronology; however if this book doesn't have the text of the cables, then it's worth people knowing that. -- Roland Perry
I'm not as sure about that. Julian's writings imply that the specific data isn't as important as disrupting "conspiracies" ability to communicate privately. I want to see it all... the philosophy / objective, as well as the specific information... personally, I'm avoiding too many big conclusions and trying to take it all in...
On 9 Dec 2010, at 18:06, Jim Mercer wrote:
i don't have a cache, but i'm pretty sure those comments were added after i posted.
The new words are: -=--=- Looking for something? We're sorry. The Web address you entered is not a functioning page on our site Go to Amazon.com's Home Page -=-=- f
On 12/09/2010 11:29 EST, Jim Mercer wrote:
amazon is selling a Kindle version of the Wikileaks released cables:
http://www.amazon.co.uk/WikiLeaks-documents-expose-foreign-conspiracies/dp/B...
"This book contains commentary and analysis regarding recent WikiLeaks disclosures, not the original material disclosed via the WikiLeaks website."
On Dec 9, 2010, at 11:29 AM, Jim Mercer wrote:
On Thu, Dec 09, 2010 at 11:11:49AM -0500, Marshall Eubanks wrote:
There is an interesting analysis in today's New York Times
http://www.nytimes.com/2010/12/09/technology/09net.html?_r=1
about the attacks on Mastercard, Visa and Ebay, how they were coordinated over Twitter and Facebook, and the free speech issues that that raises for the latter two organizations.
paypal has relaxed its restrictions on Wikileaks funds:
https://www.thepaypalblog.com/2010/12/updated-statement-about-wikileaks-from...
amazon is selling a Kindle version of the Wikileaks released cables:
http://www.amazon.co.uk/WikiLeaks-documents-expose-foreign-conspiracies/dp/B...
Not really : Please note: This book contains commentary and analysis regarding recent WikiLeaks disclosures, not the original material disclosed via the WikiLeaks website. Marshall
this is all becoming quite surreal.
-- Jim Mercer jim@reptiles.org +1 416 410-5633 You are more likely to be arrested as a terrorist than you are to be blown up by one. -- Dianora
On Dec 9, 2010, at 12:25 PM, Marshall Eubanks wrote:
On Dec 9, 2010, at 11:29 AM, Jim Mercer wrote:
On Thu, Dec 09, 2010 at 11:11:49AM -0500, Marshall Eubanks wrote:
There is an interesting analysis in today's New York Times
http://www.nytimes.com/2010/12/09/technology/09net.html?_r=1
about the attacks on Mastercard, Visa and Ebay, how they were coordinated over Twitter and Facebook, and the free speech issues that that raises for the latter two organizations.
paypal has relaxed its restrictions on Wikileaks funds:
https://www.thepaypalblog.com/2010/12/updated-statement-about-wikileaks-from...
amazon is selling a Kindle version of the Wikileaks released cables:
http://www.amazon.co.uk/WikiLeaks-documents-expose-foreign-conspiracies/dp/B...
Not really :
Please note: This book contains commentary and analysis regarding recent WikiLeaks disclosures, not the original material disclosed via the WikiLeaks website.
Oh, and there is a blog claiming that the attacks will now expand to include Amazon. http://www.bryanhealey.com/html/home/?entry=111 (This is in retaliation for booting Wikileaks off of EC2, not apparently the Kindle editorial choices.) Regards Marshall
Marshall
this is all becoming quite surreal.
-- Jim Mercer jim@reptiles.org +1 416 410-5633 You are more likely to be arrested as a terrorist than you are to be blown up by one. -- Dianora
On 12/9/10 8:11 AM, Marshall Eubanks wrote:
By the way, I was amused that a Twitter spokesman boasted that
"The company is not overly concerned about hackers’ attacking Twitter’s site, he said, explaining that it faces security issues all the time and has technology to deal with the situation."
I hope he had his fingers crossed when he said that, as Twitter can barely keep the service functioning on a good day, with frequent outages.
Justin beiber is as effective a ddos on twitter as anyone needs.
Regards Marshall
Paul.
On 9/12/10 8:04 AM, Christopher Morrow wrote:
On Wed, Dec 8, 2010 at 3:06 PM, Philip Dorr <tagno25@gmail.com> wrote:
The problem is that they were also slashdotted. The logs would also have a large number of unrelated.
pro-tip: the tool has a pretty easy to spot signature.
What is that signature? Regards, Ben
On Thu, 2010-12-09 at 18:34 +1100, Ben McGinnes wrote:
On 9/12/10 8:04 AM, Christopher Morrow wrote:
On Wed, Dec 8, 2010 at 3:06 PM, Philip Dorr <tagno25@gmail.com> wrote:
The problem is that they were also slashdotted. The logs would also have a large number of unrelated.
pro-tip: the tool has a pretty easy to spot signature.
What is that signature?
The tool makes HTTP/1.0 requests, most browsers make HTTP/1.1 requests. William
On 9/12/10 7:49 PM, William Pitcock wrote:
On Thu, 2010-12-09 at 18:34 +1100, Ben McGinnes wrote:
On 9/12/10 8:04 AM, Christopher Morrow wrote:
On Wed, Dec 8, 2010 at 3:06 PM, Philip Dorr <tagno25@gmail.com> wrote:
The problem is that they were also slashdotted. The logs would also have a large number of unrelated.
pro-tip: the tool has a pretty easy to spot signature.
What is that signature?
The tool makes HTTP/1.0 requests, most browsers make HTTP/1.1 requests.
Is there anything else to it, or just the protocol version? Regards, Ben
On Thu, Dec 09, 2010, Ben McGinnes wrote:
On 9/12/10 7:49 PM, William Pitcock wrote:
On Thu, 2010-12-09 at 18:34 +1100, Ben McGinnes wrote:
On 9/12/10 8:04 AM, Christopher Morrow wrote:
On Wed, Dec 8, 2010 at 3:06 PM, Philip Dorr <tagno25@gmail.com> wrote:
The problem is that they were also slashdotted. The logs would also have a large number of unrelated.
pro-tip: the tool has a pretty easy to spot signature.
What is that signature?
The tool makes HTTP/1.0 requests, most browsers make HTTP/1.1 requests.
Is there anything else to it, or just the protocol version?
Be careful - plenty of Squid's make HTTP/1.0 version. ProTip: be careful. :-) Adrian -- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support - - $24/pm+GST entry-level VPSes w/ capped bandwidth charges available in WA -
On Thu, Dec 9, 2010 at 3:49 AM, William Pitcock <nenolod@systeminplace.net> wrote:
On Thu, 2010-12-09 at 18:34 +1100, Ben McGinnes wrote:
On 9/12/10 8:04 AM, Christopher Morrow wrote:
pro-tip: the tool has a pretty easy to spot signature.
What is that signature?
The tool makes HTTP/1.0 requests, most browsers make HTTP/1.1 requests.
and spews nothing but the 'message' over HTTP, never an actual request.
The tool makes HTTP/1.0 requests, most browsers make HTTP/1.1 requests.
Realistically, if the folks from Anonymous wanted to really cause trouble, they'd be doing (legitimate looking) SSL requests against the actual payment gateways. The force-multiplier there is the computational effort it takes to negotiate a DH key exchange. For bonus points, call the voice auth service simultaneously and just sit on hold. Cheers, Michael Holstein Cleveland State University
On Thu, Dec 09, 2010 at 01:08:12PM -0500, Michael Holstein said:
The tool makes HTTP/1.0 requests, most browsers make HTTP/1.1 requests.
Realistically, if the folks from Anonymous wanted to really cause trouble, they'd be doing (legitimate looking) SSL requests against the actual payment gateways. The force-multiplier there is the computational effort it takes to negotiate a DH key exchange.
For bonus points, call the voice auth service simultaneously and just sit on hold.
Did you just aid & abet? Guess we're all about full disclosure here..? Except when its not easy to fix, like DDOS's arent. /kc -- Ken Chase - ken@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.
Uh, no. Source code from LOIC: byte[] buf; if (random == true) { buf = System.Text.Encoding.ASCII.GetBytes(String.Format("GET {0}{1} HTTP/1.1{2}Host: {3}{2}{2}{2}", Subsite, new Functions().RandomString(), Environment.NewLine, Host)); } else { buf = System.Text.Encoding.ASCII.GetBytes(String.Format("GET {0} HTTP/1.1{1}Host: {2}{1}{1}{1}", Subsite, Environment.NewLine, Host)); } On Thu, Dec 9, 2010 at 12:49 AM, William Pitcock <nenolod@systeminplace.net> wrote:
On Thu, 2010-12-09 at 18:34 +1100, Ben McGinnes wrote:
On 9/12/10 8:04 AM, Christopher Morrow wrote:
On Wed, Dec 8, 2010 at 3:06 PM, Philip Dorr <tagno25@gmail.com> wrote:
The problem is that they were also slashdotted. The logs would also have a large number of unrelated.
pro-tip: the tool has a pretty easy to spot signature.
What is that signature?
The tool makes HTTP/1.0 requests, most browsers make HTTP/1.1 requests.
William
participants (26)
-
Adrian Chadd
-
andrew.wallace
-
Ben McGinnes
-
Christopher Morrow
-
Fearghas McKay
-
Jack Bates
-
Jim Mercer
-
Joel Jaeggli
-
John Adams
-
John Peach
-
Jorge Amodio
-
Joseph Prasad
-
Ken
-
Ken Chase
-
Marshall Eubanks
-
Michael Holstein
-
Michael Smith
-
Olof Johansson
-
Paul Ferguson
-
Paul Thornton
-
Philip Dorr
-
Roland Perry
-
Scott Brim
-
William McCall
-
William Pitcock
-
William Warren