Ivan Barrera A. wrote:
That is true. But the idea beneath this, is detecting the atacckers. Then, issuing the ip to a text file, which will be read by another script that will fed the firewall to block connections. Although it should increase the resources being used, it should be minimal, as they aren't that expensive.
So run the mod_status data and count connections per IP address. This will be way more reliable than any network-performance criteria, IMHO.
Joshua.
