Re: new, not nice web bots disposal
On Wednesday 26 February 2020 23:25:53 Lee wrote:
> On 2/26/20, Gene Heskett <gheskett@shentel.net> wrote:
> > On Wednesday 26 February 2020 16:00:35 tomas@tuxteam.de wrote:
> >> On Wed, Feb 26, 2020 at 09:54:09PM +0300, Reco wrote:
> >> > Hi.
> >> >
> >> > On Wed, Feb 26, 2020 at 01:50:40PM -0500, Lee wrote:
> >>
> >> [...]
> >>
> >> > > Have you considered REJECT instead of DROP?
> >> >
> >> > A neat idea for your LAN. A bad idea in this case.
> >>
> >> Exactly.
> >>
> >> > You *want* that other side to retry, wasting their time instead
> >> > of spamming their target. In fact, one should consider using
> >> > TARPIT instead of a DROP here.
> >
> > My copy of iptables-extensions makes zero mention of TARPIT.
> >
> >> Moreover: you don't want the other side to even know that you're
> >> there. The less info you give away the better.
> >
> > My reasoning too.
>
> You're advertising your web server in your sig. The "other side"
> ALREADY KNOWS you have a web server there.
>
This is true...
> If you're going to advertise your presence on the web it seems
> pointless to pretend that you're not there. And the bots you'd be
> REJECTing are the ones that have ignored your robots.txt file, so why
> not just tell them to go away instead of putting up with their
> retries?
What if they ignore that RST too?
> > I'd much druther be a black hole that doesn't even have
> > any Hawking Radiation. But I've no info that such a beast exists
> > anyplace in the universe. There is info in the fact of there not
> > being any response.
> >
> >> In a LAN, however, REJECT is far better: you want the other side
> >> to know that you're there, but not talking.
> >
> > I'd call this a WAN since it's intended to go out on the internet.
> > And I am the only user inside this LAN.
> >
> > In that event, and given that a /24 rule caught them, how many out
> > of that /24 get the reject message?
>
> However many hit the REJECT rule. The iptables rule is going to send
> a RST to anything in that /24 that tries to access your server. The other
> hosts in that /24 that aren't trying to access your server won't get
> anything from you.
Good, you guys are beginning to make sense. Done.
> Regards,
> Lee
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis
Genes Web page <http://geneslinuxbox.net:6309/gene>
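
The three dispositions debated in this thread (DROP, REJECT with a RST, TARPIT) side by side, as an added example that is not part of the original messages. The function names `bot_rule` and `apply_rule` are hypothetical, 203.0.113.0/24 is a constructed documentation range, and port 6309 is taken from the signature URL above.

```shell
#!/bin/sh
# Added example: build the iptables command that blocks one source range.
# bot_rule POLICY CIDR PORT  -> prints the command for that policy.
bot_rule() {
    policy=$1 cidr=$2 port=$3
    # Accept only a.b.c.d/nn and a numeric port, so nothing else reaches iptables.
    case $cidr in
        *[!0-9./]*|*/*/*|[!0-9]*) echo "bad cidr: $cidr" >&2; return 2 ;;
        *.*.*.*/[0-9]*) ;;
        *) echo "bad cidr: $cidr" >&2; return 2 ;;
    esac
    case $port in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 2 ;;
    esac
    match="-s $cidr -p tcp --dport $port"
    case $policy in
        drop)
            # No reply at all: the sender retransmits its SYN until it gives up.
            echo "iptables -I INPUT $match -j DROP" ;;
        reject)
            # One TCP RST per attempt, sent only to the address that hit the
            # rule; other hosts in the same /24 never hear from this machine.
            echo "iptables -I INPUT $match -j REJECT --reject-with tcp-reset" ;;
        tarpit)
            # Answers the SYN, then holds the connection with a zero window.
            # TARPIT is not in stock iptables; it ships with xtables-addons.
            echo "iptables -I INPUT $match -j TARPIT" ;;
        *)
            echo "unknown policy: $policy" >&2; return 2 ;;
    esac
}

# apply_rule POLICY CIDR PORT: print the command (dry run) unless APPLY=1,
# in which case it is executed and needs root.
apply_rule() {
    cmd=$(bot_rule "$@") || return $?
    if [ "${APPLY:-0}" = 1 ]; then $cmd; else echo "$cmd"; fi
}

# Dry run for the REJECT variant discussed above.
apply_rule reject 203.0.113.0/24 6309
```

Watching `iptables -L INPUT -v -n` afterwards shows the per-rule packet counters, which is how to compare how much retry traffic each policy attracts.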