On 16 Apr 2013, at 17:58, chris derham <ch...@derham.me.uk> wrote: >> Or, another way of looking at this would be that for every 40 servers >> scanned without a 404 delay, the same bot infrastructure within the same >> time would only be able to scan 1 server if a 1 s 404 delay was implemented >> by 50% of the webservers. > > This assumes that the scanning software makes sequential requests. > Assuming your suggestion was rolled out (which I think is a good idea > in principal), wouldn't the scanners be updated to make concurrent > async requests? At which point, you only end up adding 1 second to the > total original time? Which kind of defeats it. > > Again I'd like to state that I think you are onto a good idea, but the > other important point is that some (most?) of these scans are run from > botnets. These have zero cost (well for the bot farmers anyway). My > point is even if the proposal worked, they don't care if their herd is > held up a little longer - they are abusing other people > computers/connections so it doesn't cost them anything directly. > > Sorry but those are my thoughts
I tend to agree. Effort will just be expended elsewhere, and that's assuming this would have enough of an impact to be noticed. p > > Chris > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
