ExplorOz Team - David posted:

Telstra do have an abuse reporting function. So I filled out the details and will wait to see what happens. In the mean time I now know what to look for and will sort it out a lot quicker next time. I think now I will also have to make a mod to count the number of sessions per IP address. Just more crap that I have to install to stop the one or two people out there whilst making it harder for the rest of us.

Anyway I will think about the best way to stop this in the future and implement it.

srowlandson posted:

Unfortunately, I doubt telstra will treat it as abuse.

They are technically 'browsing' your website', some cache servers such as MS ISA Server can cache a whole website in the cache on a predetermined date time to avoid link saturation in peak times,

They are technically doing nothing wrong, until they use those images / content on a site somewhere. Then.. It is abuse.

We had the same issue a few years ago when discountnewcars.com.au's content and images were cloned into a new site (i forget the url) and the turkey even had discountnewcars text in his site (he failed to edit our company name from the text) he was soon shut down.

I also had a turkey in Holland rip off a lot of Offroader Articles, he had the cheek to link back to my own images on my server, so got a rude shock when i edited my page and replaced the old images with a kind not informing his reads the article was stolen ;)

FWIW, I did a Server Scan through all my Web Servers Logs etc, nothing comes up form that IP :(

Steve

ExplorOz Team - David posted:

Did you meet Mr PacificIslandTravel - he had all our treknotes published on his site. Yeah I know about the issue of content usage etc and that it is not up to Telstra however I pitched the abuse request at DOS as he was hitting the system with around 10 requests per second upto whatever his server would deliver in terms of browser threads I counted over 5000 gets in less than 2 mins. In any case I have canned his IP. If he had written the process to take page by page we would not have known and really we would not care however it was the DOS style of attack that was more the problem.

I suspect I will find the site appearing on the net soon enough.

Anyway take it easy Steve speak to you later.

Michelle from ExplorOz posted:

Hi - I'll answer this as its an important question to answer and David is at a client site all day today so cannot respond. I would like to ally any fears you or others may have...

This intrusion is only on published content - they basically have written a program to extract the page information from the list of shop products that you view - just the images and text that the world can see. Just an automated way to extract the data rather than a manual cut and paste in fact. They are not actually getting into our backend database as that is totally protected - this is not a hack, but just extraction of publicly viewable data.

Further - we do not store credit card details at all as we delete these details the moment they come through. This is why regular repeat purchasers must enter their card details for each order as we do not keep them.

Hope this clears it up.
It does not affect us really - just that the site was slow because they opened multiple sessions (thousands of them) to copy the data off - ie. for each item they copied, they opened another session and their program must have gone haywire because it ook something like 40,000 attempts to extract a few hundred items. The site is good enough to handle a large volume of users at any time but certainly not good enough to cope with thousands of shop page views at the same time!

Must go back to the crying baby!!

Member - Melissa posted:

Thanks Michelle. A good explanation for the non-technically computer minded people among us.

Hope Chardae isn't giving you too hard a time ;-)

:o) Melissa