[EMAIL PROTECTED] wrote:
> I'm getting tired of the various things hitting my web server for things that
> don't exist. Last night someone tried over 3000 things off my server and
> only got back 5 valid pages which is the system home page.
>
> I've found both breakinguard and denyhosts to be very useful tools
> for stopping SSH brute force attacks. I'm thinking along those same
> lines. If bad-client tries over X web pages against my server, I no
> longer care to talk to them. Drop in an ip table shun and let them
> find some other server to poke at.
>
> This would close down a number of the sql injectors, scanners, etc.
>
> I'm sure I could modify the above to do what I want, but if someone
> has already done the work, why re-invent?
>
>
If you can't find anything else, I bet you could modify
http://dominia.org/djao/limitipconn.html to do this. It already has
hooks into clients. It's just looking for downloads instead of page not
founds.
_______________________________________________
Tech mailing list
[email protected]
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
