Security Incidents mailing list archives
Re: DOS From "inktomi.com"? - CONCLUSION
From: "Vonelm, William J" <billve () BNL GOV>
Date: Wed, 23 Aug 2000 09:36:22 -0400
Looks like this was "mostly harmless". While the crawler involved was particularly aggressive it seems that the web admin involved ah... *forgot* to install a "robots.txt" file to limit it's curiosity. Everything now appears to have returned to normal although we will be keeping an eye on the Exodus subnet (216.35.0.0) from which the crawler originated as we've had "issues" with Exodus in the past. Many thanks to all those who responded! -- Bill Von Elm: Computer Analyst- Cyber Security Operations e-mail: billve () bnl gov || Phone:(631)344-4131 || Fax:(631)344-3211 Brookhaven National Laboratory - United States Department of Energy "Facts do not cease to exist because they are ignored." - Aldous Huxley
-----Original Message----- From: Tim O'Connor [mailto:tco () ENTERACT COM] Sent: Tuesday, August 22, 2000 5:33 PM To: INCIDENTS () SECURITYFOCUS COM Subject: Re: DOS From "inktomi.com"? Bill, Inktomi is a provider of content for search engines. It's probably a crawler that is having problems navigating your site. DOS is highly unlikely. -TO- On Tue, 22 Aug 2000, Vonelm, William J wrote:Hello all, We've just had one of our web servers pummeled into theground by repeatedcgi requests from what appears to be a web-crawler from"inktomi.com". Hasanybody else experienced this? Is it some kind ofmalicious web Denial ofService attack or just a poorly constructed web crawler? Thanks! -- Bill Von Elm: Computer Analyst- Cyber Security Operations e-mail: billve () bnl gov Brookhaven National Laboratory - United States Department of Energy "Facts do not cease to exist because they are ignored." - Aldous Huxley
Current thread:
- Re: DOS From "inktomi.com"? - CONCLUSION Vonelm, William J (Aug 23)