IDS mailing list archives
Re: Local Mirror Prevention with IDS
From: Frank Knobbe <frank () knobbe us>
Date: Tue, 04 Jan 2005 18:36:36 -0600
On Fri, 2004-12-17 at 14:38 +0200, Dimitrios Patsos wrote:
Can anybody provide some help on how can we prevent a user from making a local mirror of a web site by using both host & network IDS?
You can't prevent it 100%. Everything listed so far are mitigating factors, but a determined user can easily evade those controls. All it takes is a Master Control Program (pun intended), a horde of open proxy servers at your disposal, and time. Give the fact that you have to jump through hoops which will have "some" impact, is it really worth investing effort in preventing a mirror? Wouldn't that effort be better utilized in securing the web site instead? What is publicly available is publicly available, so people can mirror if they like. If you don't like public access, you have to use authentication in order to limit your audience. You can also create "accounting" methods that limit how much a user/session can retrieve but you will have to convert all content to dynamically served content (i.e. no static pages/image/files/etc), otherwise the horde of proxies will suck your web server dry in no time :) Regards, Frank
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Re: Local Mirror Prevention with IDS Frank Knobbe (Jan 06)