Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Date: Mon, 17 Feb 2003 11:27:48 -0500
From: Christopher Faylor <cgf AT redhat DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: ftp access to download from sources.redhat.com
Message-ID: <20030217162748.GB4693@redhat.com>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <20030217155748 DOT 31272 DOT qmail AT web12302 DOT mail DOT yahoo DOT com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20030217155748.31272.qmail@web12302.mail.yahoo.com>
User-Agent: Mutt/1.5.1i

On Mon, Feb 17, 2003 at 07:57:48AM -0800, neal somos wrote:
>Christopher Faylor wrote ...
>>I tried an experiment recently where I turned on ftp access to the
>>cygwin download directory on sources.redhat.com.  The result seemed to
>>be that people started downloading cygwin's package .tar.bz2 files
>>directly and (somehow) used tar to extract files rather than running
>>setup.exe.
>
>I think it may be possible that sources.redhat.com is among the more
>popular and closely monitored download archives for software in
>general.  Perhaps it is not people downloading files, but automation
>seeing something new or different in the archives triggering accesses.
>
>This theory could be tested, by turning on access, and once the initial
>rash of downloads has taken place, to touch a few selected packages and
>see if just the touched packages are downloaded again from sites that
>had downloaded previously.  Although it is possible that such specific
>downloads (if they occur) are people, it is far more likely to be
>automation.

I have very detailed logs of what is downloaded.  I can see the
difference between people downloading individual files and systems
trying to mirror the whole thing.

But, that is not what I was talking about.  I saw an increased
indication of setup.exe being bypassed here, in this mailing list, If it
helps you or anyone understand this issue better, forget the whole
"experiment" part of the email.  It really was just a datapoint.  I
added it in case someone said "Hey, I found I could download from
sources.redhat.com, mebbe that's it." Since download access has been
turned off now for a couple of weeks, this is not an issue now.  *I
think* we are still seeing people bypassing setup.exe, though.

I think we now have enough theories on why this is.  The one that
most appeals to me is that cygwin is just more popular now and
we're seeing a proportional increase in the number of confused
downloaders as a result.

cgf

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/