Re: Web-bot tarpit aka spider trap (was: swamp rat bots Q)

On Fri, Dec 04, 2020 at 11:02:48AM -0500, Gene Heskett wrote:


> Sounds like a good idea, I'll have to think about it, feed the bots in 
> 256 byte pieces every 5 seconds to keep them from timing out, with 256 
> bytes from rnd mixed in to make a dos packet? :) Just be sure the crc is 
> good. ;-)

There used to be a firewall thingamajig doing tarpit. Ah, nftables also
has an addon for that.

That said, it's eating resources on your side too, and chances are
that almost every resource, from CPU power to electrical power is
cheaper on the other side.

The best strategy, therefore, seems to be DROP. This, at least, leaves
the other side wondering whether an answer is coming for as long as
their timeout is -- and even unsure about whether their victim is
there at all.

Revenge may taste enticing, but isn't always the wisest adviser.

 - t

