Thanks, V. Alex: I just wasn't sure if I was missing some loophole. I think I have another malicious harvester at work. I blocked a second IP that was showing up in my logs and now my CPU usage seems to be down (keeping my fingers crossed).
(As an aside: I was asked today what I would do with my time if I wasn't an Admin for Dspace ;-) ) At 02:51 PM 10/30/2007, V. Alex Brennen wrote: >On Tue, 2007-10-30 at 14:32 -0400, George Kozak wrote: > > > However, this person still seems to be getting through. My java > > process is running from 50%-80% CPU usage. Does anyone have a good > > idea on how to shutout a malicious IP in DSpace? > >I believe your configuration changes should be sufficient to prevent >access if you restarted/reloaded your daemons and did not have override >restriction directives in place on higher level directories. > >On our Linux systems, we attempt to throttle such users with Apache's >mod_cband. Mark Diggory has created a "bot class" that we regularly add >crawlers that do not respect our robots.txt directives to. > >For truly malevolent clients, I drop the route to their machine, or >network, on our production system preventing us from sending the packets >back to them that are necessary to create any connections: > >bash# route add -host xxx.xxx.xxx.xxx reject >bash# route add -net xxx.xxx.xxx.0 netmask 255.255.255.0 reject > >You'd need to add such routing changes to the appropriate boot scripts >for your Linux distribution to make them persistent. > > > - VAB >- >V. Alex Brennen [EMAIL PROTECTED] >UNIX Systems Administrator >MIT Libraries x3-9327 > *************************** George Kozak Coordinator Web Development and Management Digital Media Group 501 Olin Library Cornell University 607-255-8924 *************************** [EMAIL PROTECTED] ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech
