130.94.245.51 (Verio),
202.157.154.105 (Webvisions Pte Ltd),
195.149.39.86 (Exodus Communications) and
64.71.140.50 (Hurricane Electric).
Is this probably an example of what I think is called IP Address spoofing?
The content in question is valuable and desirable and they often have to deal with thieves. IMO it's not unreasonable to think it might be worth someone's time to craft a bot specifically for that website.
I'd agree with PsychoTekk - it's very unlikely to be true IP address spoofing as the level of effort & technical knowledge required to spoof *and* receive the packets across the net is going to be so extremely high - building that level of ability into a bot is pointless.
Sending spoofed packets in a single direction is really quite easy to do - it just involves making a packet to the correct specification with the forged header. Getting the response back (i.e. sending *and* then receiving spoofed packets) is a whole heap more tricky as by definition you will not get a spoofed packet returned to the real source address.
You either have to be able to sniff the traffic as it goes out to the forged address or somehow affect the routing so that traffic to the forged address goes to the address you want it to go to.
Neither one of those is all that easy and most of the time it would be more time effective just to crack the box!
A more likely scenario for traffic appearing to come from random addresses is the use of open proxies - the last hop appears to be the source of the request so anyone can effectively appear to be someone else if they find they happen to be running an open proxy.
Additionally routing traffic through a proxy (or a chain of proxies) requires very little extra effort to code into any application once you understand the basic idea of how an HTTP request works.
Tony
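The argument in the replies above, as a toy simulation added here for illustration (not code from any poster): a server only logs a request after the TCP handshake completes, the SYN-ACK is routed to the claimed source address, and so a forged source never reaches the access log while an open proxy's own address does. The class names and the addresses (documentation ranges) are constructed for this example.

```python
import secrets

class Net:
    """Toy network: a packet goes to whoever owns its destination IP."""
    def __init__(self):
        self.hosts = {}
    def attach(self, *hosts):
        for h in hosts:
            self.hosts[h.ip] = h
    def send(self, pkt):
        if pkt["dst"] in self.hosts:
            self.hosts[pkt["dst"]].receive(pkt, self)

class Server:
    def __init__(self, ip):
        self.ip, self.pending, self.access_log = ip, {}, []
    def receive(self, pkt, net):
        src = pkt["src"]
        if pkt["flags"] == "SYN":
            self.pending[src] = secrets.randbits(32)  # unpredictable initial sequence number
            net.send({"src": self.ip, "dst": src, "flags": "SYN-ACK", "seq": self.pending[src]})
        elif pkt["flags"] == "ACK" and src in self.pending and pkt["ack"] == self.pending.pop(src) + 1:
            self.access_log.append(src)  # handshake done: only now can a request be logged

class Client:
    def __init__(self, real_ip, claimed_ip=None):
        self.ip, self.claimed = real_ip, claimed_ip or real_ip
        self.opened, self.seen = set(), []
    def connect(self, server_ip, net):
        self.opened.add(server_ip)
        net.send({"src": self.claimed, "dst": server_ip, "flags": "SYN"})
    def receive(self, pkt, net):
        self.seen.append(pkt)
        # Only answer a SYN-ACK for a connection this host actually started.
        if pkt["flags"] == "SYN-ACK" and pkt["src"] in self.opened:
            net.send({"src": self.claimed, "dst": pkt["src"], "flags": "ACK", "ack": pkt["seq"] + 1})

def simulate():
    net, server = Net(), Server("192.0.2.10")
    honest = Client("198.51.100.7")
    victim = Client("203.0.113.5")                   # real owner of the forged address
    spoofer = Client("198.51.100.66", claimed_ip=victim.ip)
    proxy = Client("203.0.113.80")                   # open proxy connecting on a bot's behalf
    net.attach(server, honest, victim, spoofer, proxy)
    for c in (honest, spoofer, proxy):
        c.connect(server.ip, net)
    return server.access_log, len(spoofer.seen), len(victim.seen)
```

The spoofer never sees the server's sequence number, so its connection stays half-open; the addresses that reach the log are last hops that completed a handshake, which is why a proxy's address shows up in place of the bot's.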