On Tue, Dec 9, 2008 at 5:50 PM, <[EMAIL PROTECTED]> wrote: > I'm getting tired of the various things hitting my web server for things > that > don't exist. Last night someone tried over 3000 things off my server and > only got back 5 valid pages which is the system home page. > > I've found both breakinguard and denyhosts to be very useful tools > for stopping SSH brute force attacks. I'm thinking along those same > lines. If bad-client tries over X web pages against my server, I no > longer care to talk to them. Drop in an ip table shun and let them > find some other server to poke at. > > This would close down a number of the sql injectors, scanners, etc. > > I'm sure I could modify the above to do what I want, but if someone > has already done the work, why re-invent? >
This is a waste of time new IP blocks are brought up faster than older ones are shutdown. As someone else mentioned this isnt worth the time your going to spend to invest in something that works. Most of these attacks will originate from compromised hosts anyway. Why not do something more useful like watch rain fall :) > > Thanks > --Gene > _______________________________________________ > Tech mailing list > [email protected] > http://lopsa.org/cgi-bin/mailman/listinfo/tech > This list provided by the League of Professional System Administrators > http://lopsa.org/ > -- [ Rodrick R. Brown ] http://www.rodrickbrown.com http://www.linkedin.com/in/rodrickbrown
_______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
