Re: Local Mirror Prevention with IDS

[Frank Knobbe <frank () knobbe us>]

On Fri, 2004-12-17 at 14:38 +0200, Dimitrios Patsos wrote:
> Can anybody provide some help on how can we prevent a user from making a
> local mirror of a web site by using both host & network IDS?

You can't prevent it 100%.

Everything listed so far are mitigating factors, but a determined user
can easily evade those controls. All it takes is a Master Control
Program (pun intended), a horde of open proxy servers at your disposal,
and time.

Give the fact that you have to jump through hoops which will have "some"
impact, is it really worth investing effort in preventing a mirror?
Wouldn't that effort be better utilized in securing the web site
instead?

What is publicly available is publicly available, so people can mirror
if they like. If you don't like public access, you have to use
authentication in order to limit your audience. You can also create
"accounting" methods that limit how much a user/session can retrieve but
you will have to convert all content to dynamically served content (i.e.
no static pages/image/files/etc), otherwise the horde of proxies will
suck your web server dry in no time :)

Regards,
Frank

Attachment: signature.asc
Description: This is a digitally signed message part