Re: new, not nice web bots disposal
On Wednesday 26 February 2020 13:54:09 Reco wrote:
> Hi.
>
> On Wed, Feb 26, 2020 at 01:50:40PM -0500, Lee wrote:
> > On 2/26/20, Gene Heskett <gheskett@shentel.net> wrote:
> > > over the last 90 days or so, we seem to have been plauged with a
> > > new breed of bots scanning our web pages, and they are not just
> > > indexing our web pages I don't mind that, but they are ignoring
> > > our robots.txt and are mirroring anything apache2 can reach,
> > > including stuff thats there but not reachable by a normal browser
> > > just looking around and clicking on links.
> >
> > <.. snip ..>
> >
> > > To add a new rule, covering that whole 256 address block because
> > > they seem to have a random address, changed about weekly, in that
> > > block:
> > >
> > > root@coyote:iptables$ cat iptables-add
> > >
> > > #!/bin/bash
> > > iptables -I INPUT -s add.ress.to.block/24 -j DROP
> >
> > Have you considered REJECT instead of DROP?
>
> A neat idea for your LAN. A bad idea in this case.
>
> You *want* that other side to retry, wasting their time instead of
> spamming their target. In fact, one should consider using TARPIT
> instead of a DROP here.
>
> Reco
Now thats a thought, does it take much fiddling to set that up? Links to
tuts plz.
Thanks Reco
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis
Genes Web page <http://geneslinuxbox.net:6309/gene>
Reply to: