Many of you have heard some sort of commotion about the mysterious user "SADwyw" that shows up at every server, and does not speak -- just waits. This is what this document will hopefully help clarify.

It is a spider that databases every directory in every public server on the tracker and allows viewers of its page to search the database through a CGI interface. This is a concern of everyone because these sorts of things will make people think that the Hotline scene is all about files. Admins of Hotline sites (like myself) would hope that this is not the case. For everyone else, this is an easy chance for room 222 and other sources to scrutinize your files without even logging in (and nobody wants to get a cease and desist letter!).

Where to find the home of the bot:

http://ac2i.tzo.com/index.html is their homepage
http://ac2i.tzo.com/sadwyw_e.html is the SADwyw page

Ways to avoid the bot:

Ban it! Unfortunately though, it has two class C subnets :-( 195.132.18.xxx and 195.132.17.xxx. It will show up on any of those.

Get a bot to permanently ban all people by the name of SADwyw.

Message it when it comes onto your server. This crashes the bot.

Put a recursive file in front of your file directory. This is one of the things that stopped it from getting my server :-) My folder is included in this document.

Force users to use a password to get viewing/downloading privs (discouraged).

Write to www@ac2i.dyn.ml.org and complain about this bot.

Write to their ISP at rdoire@cybercable.tm.fr and rdn@cybercable.tm.fr and complain.

What I included:

10 items for all servers-> this is a list of 10 items from all catalogued servers as of 10/25/98. What you need to see if you are a sysadmin (are you on there?).

partial search for mp3-> this is just to give you an idea of what this thing can do, and show you an example of the output. The transfer was interrupted, so this is not the whole output of a search of this type.
sadwyw_e.html-> the interface for the bot (best viewed with MacLynx b1)

sadwyw_e.text-> same as above, text format

this is for SADwdw-> this is a copy of the folder in my server (it must have blown its mind because I'm not on the list!)

Info on SADwdw-> where to contact the ISP of the people running this bot (extended version, with things like telephone numbers)

Programmer's Digest Server-> a bookmark of my HL site, if you need to know something.

This is a very unofficial, poorly written document, so to get an idea of what it does and what I am talking about, read the info included. I, HardCoded, wrote this to give the HL community some information to start working with. Now you understand the nature and potential danger of this problem. Do something about it.