I still don’t understand why some bots try to enumerate everything via the Vulnerability-Lookup API when full dumps, including all metadata, are available in one shot:
-
I still don’t understand why some bots try to enumerate everything via the Vulnerability-Lookup API when full dumps, including all metadata, are available in one shot:
We currently don’t rate-limit bots, but we’re close to doing so.
-
I still don’t understand why some bots try to enumerate everything via the Vulnerability-Lookup API when full dumps, including all metadata, are available in one shot:
We currently don’t rate-limit bots, but we’re close to doing so.
@adulau well they’re bots, they just enumerate *everything*
-
I still don’t understand why some bots try to enumerate everything via the Vulnerability-Lookup API when full dumps, including all metadata, are available in one shot:
We currently don’t rate-limit bots, but we’re close to doing so.
@adulau Your robots.txt say you disallow bots... https://vulnerability.circl.lu/robots.txt
-
R relay@relay.infosec.exchange shared this topic
-
I still don’t understand why some bots try to enumerate everything via the Vulnerability-Lookup API when full dumps, including all metadata, are available in one shot:
We currently don’t rate-limit bots, but we’re close to doing so.
@adulau you just found a way to estimate the age of whoever wrote them: if API, very young (or the AIs themselves), if wget ~ 40, if bash and nc, it could be me.
