 | | eBay nailed? —Lindsay Frederick Braun
|
| | | Hi everyone, Well, I hear that the "attack-search" weenies have turned their guns from Yahoo to eBay and buy.com. Their method seems to be to simply overwhelm the search engine with constant queries--by the hundreds of thousands per minute. Sure (...) (24 years ago, 9-Feb-00, to lugnet.market.theory)
|
| | | |
| | | | | Re: eBay nailed? —Mike Poindexter
|
| | | | | (...) Well, there is really very little that one can do to prevent this kind of attack. Limiting people's ability to search is limiting users. It is very difficult to determine what a genuine search and what is a bogus one, since the bogus one is (...) (24 years ago, 9-Feb-00, to lugnet.market.theory)
|
| | | | | |
| | | | | | | Re: eBay nailed? —Frank Filz
|
| | | | | | (...) The car analogy isn't perfect. One thing they can do is not respond to more than one query per second or some such from a given IP address, though that would screw companies with firewalls. Also, in the case of people driving cars to block (...) (24 years ago, 9-Feb-00, to lugnet.market.theory)
|
| | | | | | |
| | | | | | | | Re: eBay nailed? —David Eaton
|
| | | | | | | (...) Well, assuming the theory works, yes, you could say no more than 10 calls per second or something, but perhaps a better approach would be to make it smarter-- if someone makes 10 calls per second or something, their IP gets put on a "watch (...) (24 years ago, 9-Feb-00, to lugnet.market.theory)
|
| | | | | | | |
| | | | | | | | | Re: eBay nailed? —Frank Filz
|
| | | | | | | | | (...) Well, it could be handled on a very gross basis by the router/firewall. If it keeps track of the top IP sources of packets, it can just start discarding packets from certain IP addresses. It could also recognize large company firewalls to (...) (24 years ago, 9-Feb-00, to lugnet.off-topic.geek, lugnet.off-topic.debate)
|
| | | | | | | | | |
| | | | | | | | | Re: eBay nailed? —David Eaton
|
| | | | | | | | (...) Yep, that sounds like exactly what I'd want to do-- keep tabs on who's sending the most requests and if they look suspicious, deny them access, rather than have a flat "no more than X transactions per Y time", seeing as how you might get (...) (24 years ago, 9-Feb-00, to lugnet.off-topic.debate)
|
| | | | | | | | |
| | | | | | | | | | Re: eBay nailed? —Larry Pieniazek
|
| | | | | | | | | Charging per packet, and blocking packets both sound good in practice, and I support them in theory. They are problematic though, the way the internet is currrently engineered. Packet headers are too easy to spoof. The internet is built on the (...) (24 years ago, 9-Feb-00, to lugnet.off-topic.debate)
|
| | | | | | | | | |
| | | | | | | | | | Re: eBay nailed? —Frank Filz
|
| | | | | | | | (...) I don't think your random clicks will be a problem when time comes to charge per packet. I expect that the rates will be so miniscule that casual browsing will be free (the problem might be that it won't do enough to spam because it won't cost (...) (24 years ago, 9-Feb-00, to lugnet.off-topic.debate)
|
| | | | | | | | |
| | | | | | | | Re: eBay nailed? —Troy Cefaratti
|
| | | | | | Frank Filz <ffilz@mindspring.com> wrote in message news:38A1735A.6EEA@m...ing.com... (...) Charging for packet transfer will not solve ANY of these problems, as most of these things are done by shady charachters who mask their original identity and (...) (24 years ago, 9-Feb-00, to lugnet.market.theory)
|
| | | | | | |
| | | | | | | | Re: eBay nailed? —Larry Pieniazek
|
| | | | | | (...) Charging for packet transfer might well indeed incent those large server admins that seem to be lax to tighten up a bit. I don't think that it's fair NOT to charge an admin who has a big machine that is an "attractive nuisance", just as it's (...) (24 years ago, 10-Feb-00, to lugnet.market.theory)
|
| | | | | | |
| | | | | | | | Re: eBay nailed? —Troy Cefaratti
|
| | | | | | (...) and (...) NOT (...) bandwidth and (...) negligence (...) away. (...) Under the conditions you describe above, it would surely work. And if an admin has been warned, then I agree, they should be held accountable. I still feel, however, that on (...) (24 years ago, 11-Feb-00, to lugnet.market.theory)
|
| | | | | | |
| | | | | | | | Re: eBay nailed? —Larry Pieniazek
|
| | | | | | (...) Yep, you're right. There is no utopia. What makes it harder is that the mutation rate of the cyber environment is so very much higher than that of the biological environment... Air scrubber or water purification technology doesn't need to be (...) (24 years ago, 11-Feb-00, to lugnet.market.theory)
|
| | | | | | |
| | | | | Re: eBay nailed? —Troy Cefaratti
|
| | | | I just wonder how much of this is related to the Denial of Service attack, and how much of it is actually just due to the somewhat inherent instabilities in eBay's system. I mean, i've read several stories about this, and they all quote eBay sources (...) (24 years ago, 9-Feb-00, to lugnet.market.theory)
|
| | | | |
