Identical traffic
Posted
by Walter White
on Server Fault
See other posts from Server Fault
or by Walter White
Published on 2010-06-08T15:14:54Z
Indexed on
2010/06/08
15:23 UTC
Read the original article
Hit count: 501
Hi all,
I am running an application server and logging all requests for analysis purposes later. One interesting trend I noticed last night was, I had a visitor from Texas on FIOS share identical traffic with bluecoat in California.
What would cause the traffic to be identical? For every request the visitor made, bluecoat made one subsequently within milliseconds of his request. If it is caching, why would there be identical requests? Wouldn't it go through the cache / proxy on their end, and I would only see the proxied request?
I'm just curious, this is an interesting pattern that shows similarities of a DDoS attack, but with far fewer resources. Is it possible that the visitor had malware on their computer?
Any other ideas?
Walter
© Server Fault or respective owner