
[BUG] DDOS Makes Fake Resources Lists

Published a year ago

# SafeLine WAF
# ✅ done
# 🐞 bug



Bulkahov

Updated 2 years ago


After a DDoS or scanner attack, SafeLine takes the URLs scanned by the botnet/bots as its resource list, and they fill up the list of total assets.

In this case we do not have WordPress, and we also do not have many of the URLs that were detected.


Bulkahov

Updated 2 years ago


Run mode: Defense, all in Strict Mode.


Bulkahov

Updated 2 years ago


I made this post here because on GitHub everything is in Chinese and I don't want to bother anyone. If this is the wrong section, please delete the post.


Monster

Updated 2 years ago


Thanks for the feedback. I need to confirm first: are these pages returning 404?


Bulkahov

Updated 2 years ago

Yes, the pages are returning 404 but are marked as assets anyway.


Monster

Updated 2 years ago


We have found a similar phenomenon before, where requests with an HTTP status code other than 200 are also recorded. This problem has been fixed in version 6.0.3.


Bulkahov

Updated 2 years ago


I see it only happens if I have the challenge active; maybe that is it. I will try to reproduce the error on a fresh domain.


Bulkahov

Updated 2 years ago


Yes, I started with a normal website in strict mode and defense (not challenge) and attacked the website with random folders like /qa and /am and custom files like text.txt, and yes, it is making false assets, but I see it only happens on nginx. I'm testing another, but yes, it seems to be a small issue.


Bulkahov

Updated 2 years ago


image.png


zhiduopc

Updated a year ago


This is supposed to be layer 7, DDOS doesn't do scans and L7's


Deleted User

Updated a year ago


There must be improvement here!