homepage Welcome to WebmasterWorld Guest from 54.161.147.106
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Visit PubCon.com
Home / Forums Index / WebmasterWorld / Webmaster General
Forum Library, Charter, Moderators: phranque

Webmaster General Forum

    
unzip.exe traffic spikes
Am I an unwitting worm accomplice?
humbads




msg:347361
 6:08 am on Jan 18, 2004 (gmt 0)

I have a page where I've posted a freeware version of unzip.exe. This past week, this file received huge traffic spikes from a large number of unique hosts. What normally receives 1-3 unique hits per day, received 225 on 1/13/2003 at 5:15 PST and 615 on 1/17/2003 at 17:30 PST. All of the hits are from user agent "Mozilla/4.0", and they appear to be coming from mostly dialup, cable, and DSL hosts. It looks very much like someone programmed a worm or virus that relies on this file. It could also be one of those website load testing programs like CapCal that I posted about just now. The problem is the file is 150KB, and the last spike used up almost 100 Megs of my bandwidth quota. I'm going to contact my hosting provider about this, but I just thought I'd post it here for your information.

Cheers,
Shailesh

 

Dreamquick




msg:347362
 9:16 pm on Jan 20, 2004 (gmt 0)

Why not just move the program somewhere else and redirect the old location to the download instructions page (I presume there is one) which includes the new location?

This stops the bandwidth spike, doesn't hurt existing users and foils anything which is trying to automatically download that file.

- Tony

humbads




msg:347363
 10:39 pm on Jan 20, 2004 (gmt 0)

Thanks for the reply. That is exactly what my hosting provider suggested. But since I'm well below my quota of 50GB/month, and I haven't seen more activity since, I'm no longer too concerned. It just throws off my unique visitor statistics. I wish whoever was doing it would put a real user agent instead of generic "Mozilla/4.0", so I could filter it out of my statistics.

FYI, the stats of the last spike:

total requests to unzip.exe: 611
full, successful transfers: 598

transfer each full request: 159,744 bytes
total full transfer: 95,526,912 bytes

start time: 17/Jan/2004:17:32:33 -0800
end time: 17/Jan/2004:17:46:25 -0800

total time: 13 minutes 8 seconds or 788 seconds

transfer per second: 121,227 bytes per second
full transfer per second: 0.78

Not bad for a shared hosting plan at [nyip.net...]

Shailesh

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Webmaster General
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved