On Tue, 2007-10-30 at 14:32 -0400, George Kozak wrote: > However, this person still seems to be getting through. My java > process is running from 50%-80% CPU usage. Does anyone have a good > idea on how to shutout a malicious IP in DSpace?
I believe your configuration changes should be sufficient to prevent
access if you restarted/reloaded your daemons and did not have override
restriction directives in place on higher level directories.
On our Linux systems, we attempt to throttle such users with Apache's
mod_cband. Mark Diggory has created a "bot class" that we regularly add
crawlers that do not respect our robots.txt directives to.
For truly malevolent clients, I drop the route to their machine, or
network, on our production system preventing us from sending the packets
back to them that are necessary to create any connections:
bash# route add -host xxx.xxx.xxx.xxx reject
bash# route add -net xxx.xxx.xxx.0 netmask 255.255.255.0 reject
You'd need to add such routing changes to the appropriate boot scripts
for your Linux distribution to make them persistent.
- VAB
-
V. Alex Brennen [EMAIL PROTECTED]
UNIX Systems Administrator
MIT Libraries x3-9327
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech
