Hi Linda W,
Thanks for your input
we don't want to protect against people who really want to get us -
because they always will.
And if this happens - we also have to start reviewing each code of viml
at vim.sf.net ..
Luckily I don't know about trojans or the like yet (which does not mean
that they don't exist)
> How about setup some script generated, hidden dummy links
> that are dynamically generated and don't respond -- (not 404's but
> just keep the connection open and don't respond... force them to timeout).
That will not be a problem either if they really want to get vim.sf.net
Attackers may use stolen hardware - the game is always unfair.
The idea was to protect against random bots who don't know what they are
doing - just trying to spam the world.
Such hidden links indeed could be used
to detect both:
- google (which might cause a bader rating, because site loads slowly)
- attackers
for google like bots rel="nofollow" could be tried.
My goal ends at "make attackers have to use their human brain to attack
vim.sf net" - otherwise keep out and the database clean.
If Bram or John have additional notes I guess they'll reply, too.
Marc Weber
--
--
You received this message from the "vim_use" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php
---
You received this message because you are subscribed to the Google Groups "vim_use" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vim_use+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment