i stumbked across a website being taken down by it0's host because it was what seemd like being attacked by dos but it was infact an evil little script that sends thousands of fake hits.
Ofcourse the script makers say it'll improve your alexa ranking etc, etc bull........, but ofcourse it can be used against your competition can't it!!
My question is how can i protect myself against such an attack?

i don't want to post the name of the script as i beielve the less that know about it the better, ofcourse i may be in the dark and everyone knows about it but still.

this is a little quote from their description:

"Using PHP, it routes HTTP get requests through a massive list of anonymous proxy servers which can be defined by you. Even banners on your site get impressions"

I'm sure a decent host won't take your site down on the first attack. They will give you some sort of notice or at least let you know about it. After that ask them to provide you with the logs, and just block all those proxy IPs in your .htaccess Or you can just google for lists of annymous proxy lists and block them now.

I personally haven't heard of this happening at all until now, I wouldn't much worry about it.

no i'm pretty sure my host would work with me to solve any problem but i was just wondering if there were any ways to prevent it in the first place, but i suppose unless you knwo the refferers and ip's you can't really can you!

i've seen someones site taken down by accident through using this script, it wasn't used maliciously but could be so easily

aqi,

i know the script your talking about and yes one of my sites has been attacked...

and truly the worst part is the fake banner impressions.....plus blocking all proxies means blocking all aol users.

plus...the script has about 10,000 types of different referrals, of whick 6000 is the list anonymous proxy ip's.


besimple :(

Ya, it seems proxies are the new big thing on the 'net now. First it was DOS attacks, now it's the people who think they're leet 'cuz they have a proxy list at hand.

my irc network has had it's share of proxy problems, so we're in the midst of setting a better system. We made a quick fix for this, by finding some pretty big proxy ip listings, and have a wget script pull it down every hour or so. After that, we got a mirc script (i told ya it was a quick fix ;)) parse the file yanks teh ips, and global bans them for x amount of time.

We're working on a better setup, hopefully using a better engine to stop us from having 1000's of ip's banned on each server.

I've seen scripts like that all over the place. Heck, apache ships with something similar to that, but isn't intended to nail a server off the wall.

I heard there are soem apache modules to help filter stuff like this out, but you'd need to talk with the host about it.

EDIT - also, if anyone has any MASSIVE proxy-list hubs, send me a pm with the links please :)

~Francisco