Re: Blocking client based on HTTP request

Path	csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!news.glorb.com!transit3.readnews.com!news-out.readnews.com!s09-01.readnews.com!not-for-mail
X-Trace	DXC=Q9HSALRLjnK7LfE0P3nBAM@lWf8?fSK:AjS@R6]oDiIO[j;g`C24>VKo=iH@LQ<Yb@7_eVaDg>Y]MMaGV>NT0NjFRZ\7I^A[A3LL]4WGaAAl1@
X-Complaints-To	abuse@gradwell.net
Content-Type	text/plain; charset="ISO-8859-1"
From	David Hough <noone$$@llondel.org>
Organization	the bus stop
Date	Fri, 24 May 2013 19:42:19 +0100
User-Agent	KNode/4.8.5
Content-Transfer-Encoding	7Bit
X-No-Archive	Yes
Subject	Re: Blocking client based on HTTP request
Newsgroups	comp.os.linux.networking, comp.os.linux.security, comp.infosystems.www.servers.unix
References	<mr-CA16B8.15073524052013@News.Individual.NET>
Followup-To	comp.os.linux.security
MIME-Version	1.0
Message-ID	<bto47a-45c.ln1@llondel.org> (permalink)
Lines	14
NNTP-Posting-Host	56e32a4d.ngroups.net
Xref	csiph.com comp.os.linux.networking:2157 comp.os.linux.security:311 comp.infosystems.www.servers.unix:194

Cross-posted to 3 groups.

Followups directed to: comp.os.linux.security

Show key headers only | View raw

Sandman wrote:

> So, as my other thread may suggest, I have problems with users flooding
> my server with requests for /wpad.dat
> 
> Is there an easy way to use iptables to trigger on those requests and
> then add the IP to a blacklist?
> 
Try fail2ban <http://www.fail2ban.org> as one possible candidate.

I've not yet tried to use it but it's on my to-do list.

Dave

Back to comp.os.linux.security | Previous | Next — Previous in thread | Next in thread | Find similar

Thread

Blocking client based on HTTP request Sandman <mr@sandman.net> - 2013-05-24 15:07 +0200
  Re: Blocking client based on HTTP request David Hough <noone$$@llondel.org> - 2013-05-24 19:42 +0100
    Re: Blocking client based on HTTP request Sandman <mr@sandman.net> - 2013-05-24 21:11 +0200

csiph-web