How do you block Nimda attacks from your logs? Really, now, there must be a way, I have tried script after script, I am still getting attacked by this IP:
65.192.141.115 Who are these criminals? They have no right attacking me like this! I can't whois them or traceroute, or samspade them, it is not fair. I guess you just can't run a web server anymore. Is there one good reason why I should not give up? I don't understand "honeyport", it is too hard. Isnt there something easier, a script I can just download and install? Surely, by now, someone has invented a more effective method, surely, I mean, are all the world's webmasters just going to sit down, and take it in the back? Is there a kind soul out there who would like to offer a script to this list that would retaliate by remotely shutting down the attacking server? This has got to stop, I have sat by for too long, and I don't intend to take this attacking any longer. I wish to thank all those who offered me the web pages of honeyport, thank you so much, but I'm looking for something that is more assertive, something that will *do* something, not just e mail the admin only to be ignored, I'm not playing Mr. Nice any more. I'm going to aggressively fight back, if there is a script that I can put in my /bin directory that will scan my /var/tmp/blocked file and instead of just ipchain-ing them out, (INEFFECTIVE!) it will shut them down, it is the only way. Thank you so much to all who help. __________________________________________________ Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! http://sbc.yahoo.com
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com