[CLUE-Tech] precedence question - apache

Charles Oriez coriez at oriez.org
Thu Aug 12 10:55:26 MDT 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 11:39 PM 8/11/2004 -0600, Mike Staver wrote:

>>>[snip]
>>>Second question:
>>>
>>>Digging through the doc on hosts deny, I can see that rather than 
>>>routing him to my 403 page I can execute any shell command I want 
>>>whenever I get a hit from that IPA.  My evil twin suggested redirecting 
>>>him to start the auto download of the 284M service pack 2 for XP so that 
>>>he can download that 200 times a day (cogentco charges for excess 
>>>bandwidth usage).  That probably wouldn't be fair to Microsoft though, 
>>>so I won't.  However, what I really want is to come up with a shell 
>>>command that will have a tarpit effect on him, without costing me any, 
>>>or very many, machine cycles.  Ideas, anyone?
>>>
>>>
>>I *like* your evil twin and his ideas....
>>My evil twin is tempted by your evil twin....
>
><puts goatee on> (I know, lame South Park reference...)
>
>Well, my evil twin would like to see code that could pull off a redirect 
>like that... I mean, how can you be assured that the download would 
>actually occur on the client end? I sometimes have this problem sending 
>out things like pdfs, etc to clients from websites I've designed.  My 
>company doesn't get charged for bandwidth we use... so I wouldn't even 
>have to point a client at Microsoft's huge service pack, and I could 
>simply point them at something else very large on my network.  Not that I 
>like wasting my bandwidth, but still, it would be funny...
>
></takes goatee off>

"lynx" counts as a shell command as far as hosts.deny is 
concerned.  execute it with a URL that has a massive download, and all is 
well.  A software download seems to fit the bill best. The XP download 
requires too much information though to actually get the download started, 
so when I get sufficiently annoyed to actually do it, I'll need to look for 
something else.

meanwhile, IPTABLES is working for me, now that I got prodded to get off my 
duff and look up the commands.  I added a couple of spam sources that were 
forcing me to do multiple hundreds of lookups per day of the dnsbls as 
well. One in South Africa hit me 173 times yesterday in a period measured 
in minutes, and that repeats every day. Of course, the downside of that is 
that if Telkomadsl ever cleans up its act and gets off of SORBS and SPEWS, 
I'll still have it listed.  They've been at it for weeks though, so I think 
I gave them a reasonable amount of time to get their act together.




- --
coriez at oriez.org 39  34' 34.4"N / 105 00' 06.3"W
"...Life is not a journey to the grave with the intention of arriving 
safely in one pretty and well preserved piece, but to slide across the 
finish line broadside, thoroughly used up, worn out, leaking oil, and 
shouting GERONIMO!!!" -- Bill McKenna, date unknown 
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
Comment: created 6/26/04 expire 6/25/05 stored MIT & PGP.COM

iQA/AwUBQRug/riLNnC0cMkdEQLPIQCgkjxsGn3H79lJDDhi4Ml0zDNmYfEAn05R
cdLdXOPsOC8ZWaAfAN4iHyKh
=eyXT
-----END PGP SIGNATURE-----

More information about the clue-tech mailing list