[clug] Sitar@home; Indirectly targeting veri greedy people

Kim Holburn kim.holburn at anu.edu.au
Thu Sep 25 14:23:14 EST 2003


At 1:03 PM +1000 2003/09/25, Antony Wuth wrote:
>Michael.James at csiro.au (Michael.James at csiro.au) wrote:
>
>> I'm wondering if now might be a good time
>>  to scan and map out ALL domains in .com.
>> Up to 50 letters long.
> 
>> Pick a random string, resolve and lightly scan it,
>>  not enough to send byte counts crazy,
>>  or annoy an ISP or any real recipient.
>> Sleep lightly, pick another, scan again.
>
>Or just quietly retrieve the /robots.txt quite a legitimate activity for
>an automated robot to perform yes it may annoy someone who for example
>is resolving billions of domains that don't really exist.
>
>Of course since I apt-get'ed the latest bind update the problem has
>mysteriously vanished...
>
>Antony

---------------------------------------randdot ----------------------
#!/usr/bin/perl -w

# (C) Kim Holburn 2003
# released  under GNU Public License http://www.gnu.org/copyleft/gpl.html
# script to generate pseudo-random strings and download robots.txt files from
# random websites.
use strict;

sub fail_usage {
  my (@mess) = @_;
  for (@mess) { print STDERR "$0 Error : $_ \n"; }
  print STDERR "Usage : $0 [-h] [-n <chars>] \n";
  print STDERR "     -h|--help = show this help screen\n";
  print STDERR "   default number of chars is 20\n";
  print STDERR "    \n";
  exit 1;
}
 
my @chars=(
  "a","b","c","d","e","f","g","h","i","j","k","l","m","n",
  "o","p","q","r","s","t","u","v","w","x","y","z","-",
  "0","1","2","3","4","5","6","7","8","9",
);

my $number=20;
while ($ARGV=$ARGV[0]) {
  if ($ARGV eq "-n")  {
    shift @ARGV;
    if ($#ARGV < 0) { &fail_usage ("no number after -n option"); }
    my $n=shift @ARGV;
    if ($number =~ /^[0-9]{1,}$/ && $n > 0) { $number = $n; }
  } elsif ($ARGV eq "-h" || $ARGV eq "--help")  { &fail_usage (); }
  elsif ($ARGV =~ /^-/)  { &fail_usage ("unknown option \"$ARGV\""); }
  else {  last; }
}

my $randstring;
for (1..$number) { $randstring .= $chars[int(rand($#chars))]; }
print "\n";

while (1) {
  print "wget -O -  http://www.$randstring.com/robots.txt\n";
  system "wget -O -  http://www.$randstring.com/robots.txt";
}
---------------------------------------randdot ----------------------
had a bit of trouble getting it to stop;-)

Kim
-- 
--
Kim Holburn 
Network Consultant - Telecommunications Engineering
Research School of Information Sciences and Engineering
Australian National University - Ph: +61 2 61258620 M: +61 0417820641
Email: kim.holburn at anu.edu.au  - PGP Public Key on request

Life is complex - It has real and imaginary parts.
     Andrea Leistra (rec.arts.sf.written.Robert-jordan)



More information about the linux mailing list