Technology

69548 readers

3219 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related news or articles.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

[email protected]

556

I use Zip Bombs to Protect my Server (idiallo.com)

submitted 2 days ago by [email protected] to c/[email protected]

103 comments fedilink hide all child comments

The one-liner:

dd if=/dev/zero bs=1G count=10 | gzip -c > 10GB.gz

This is brilliant.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 19 hours ago* (last edited 18 hours ago) (1 children)

Telecom for example does Deep PackageInspection. That is rather well kown. Derec made a statement years ago that it is normal for other european isps too. Here is a secondary source for it, i cant find the primary source anymore https://netzpolitik.org/2012/berec-studie-dpi-bei-vielen-providern-bereits-im-einsatz/

If you are succesful in disrupting some dataprocessing doesnt matter, trying to do it is illigal. If you put it there to disrupt crawlers you are trying to disrupt an entities dataprocessing.

If your isp does dpi an archive bomb is able to crash their server. Even if they have measures againt it, it is still illigal because trying it is illigal.

[–] [email protected] 2 points 17 hours ago (1 children)

The intent is to get rid of crawlers which are disrupting the operation of your servers. That's not intent of doing harm to the crawler's operator, or their business. It's analogous to telling a hawker to fuck off: Polite, no, but them being able to profit off you is not your responsibly, you do not have to accede to that. And intent to harm the ISP is even less reasonable to assume.

cant find the primary source anymore https://netzpolitik.org/2012/berec-studie-dpi-bei-vielen-providern-bereits-im-einsatz/

That's out of date anyway. How about this one. DPI is limited to OSI level 5 and only allowed to resolve network issues -- and a crawler crashing is not a network issue.

[–] [email protected] 2 points 17 hours ago (1 children)

That's out of date anyway. How about this one.

Good to know

A crawler is a data processing machine, nothing more. therefor you are disrupting dataprocessing through data. If you think its not thats ok too. I would still advise to contact your lawyer in germany if you are thinking about hosting a zipbomb

[–] [email protected] 1 points 16 hours ago

A crawler is a data processing machine, nothing more. therefor you are disrupting dataprocessing through data. If you think its not thats ok too.

Nah it's definitely disrupting data processing, even though at a very low-key level -- you're not causing any data to become invalid or such. It's the intent to harm the operator that's the linchpin: "Jemandem einen Nachteil zufügen". "Jemand" needs to be a person, natural or legal. And by stopping a crawler you don't want to inflict a disadvantage on the operator you want to, at most, stop them from gaining an advantage. "Inflict disadvantage" and "prevent advantage" are two different things.

I would still advise to contact your lawyer in germany if you are thinking about hosting a zipbomb

Good idea, but as already said before: First, you should contact a sysadmin. Who will tell you it's a stupid idea.