[CentOS-mirror] DOS attack downloading DVD isos

Thu Nov 26 03:06:50 UTC 2009
Nick Olsen <Nick at 141networks.com>

To be 100% honest, I was going off the fedora mirroring tutorial, And 
Was mistaken, It states this.


          Redirecting ISO downloads to FTP

Apache 2.x and earlier can't distribute files larger than 2GB. This 
means DVD images won't work. (lighttpd doesn't have this limitation). 
Also, some people find FTP to be more efficient than HTTP for really 
large files like ISO images. These Rewrite lines will redirect all HTTP 
GET requests for *.iso files to a different FTP daemon. With this 
method, HEAD requests used by the MirrorManager crawler for *.iso files 
aren't rewritten, which gives better crawling results.




On 11/25/2009 10:00 PM, H. Peter Anvin wrote:
> On 11/25/2009 03:19 PM, Nick Olsen wrote:
>    
>> A lot of mirrors do this anyways. ISO's are big files, HTTP wasn't made
>> to move big files. Most people do this just so the user has a better
>> chance of the download completing successfully.
>>      
> What makes you say that http was not made to move big files?  There is
> absolutely nothing about http which makes it unsuitable for large files.
>
> I would personally consider a mirror redirecting http traffic to ftp to
> be broken.  It's at the very best rude for people behind firewalls.
>
> 	-hpa
>
>    
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos-mirror/attachments/20091125/bad53a7d/attachment-0006.html>