|
||||||||||
On Tue, 13 Sep 2005 09:15:13 -0400 Peter <peter at iwebsl dot com> wrote: > I run a web site that is continually under attack by script kiddies with password hurlers. > Is this SSH/telnet? See http://www.teamITS.com/resources/ for one idea. In our experience these attacks probably run from zombie PCs since they don't seem to repeat very often, if at all. Once an IP is blocked and can't connect it moves on and doesn't try again. You could adapt the idea if you are using web authentication, to save the connecting IP via your authentication script and programmatically add your /etc/hosts entries for port 80. - Steve Yates - ITS, Inc. - Nightmare: Cat with opposable thumbs. ~ Taglines by Taglinator 4 - www.srtware.com ~ |