Welcome to the post nimda world. The internet will never be the same again. :) It's pointless to block the ip's, almost every broadband non-techie in the US is nimda infected.
----- Original Message ----- From: <[EMAIL PROTECTED]> To: "Security-Basics List" <[EMAIL PROTECTED]> Sent: Wednesday, March 06, 2002 7:29 AM Subject: apache being bombarded > Hi gurus > one of my apache servers is being bombarded by some IPs (in different > ranges) trying for a root.exe or cmd.exe. etc. > luckily im on redhat 71. linux. > but the tries frequency is every second from some ip or another. > im running portsentry but portesntry does not log port 80 > how do i block them from permanently accessing my server. > BTW ive put that IPs in my /etc/hosts.deny still no joy. > > thanks > durga prasad > > > >