On 1/30/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Last night, a single user (or, at least, a single IP address) in China that self-identified as running windows98 and Mozilla 4.0 attempted to download sqlite-3.3.12.tar.gz 24980 times and sqlite-source-3_3_12.zip 25044 times over about a 5 hour period, sucking up significant bandwidth in the process. I've seen this type of thing before and have on occasion banned specific IP addresses from the website using iptables -A INPUT -s <ipaddress> -j DROP
I created a script that scanned my site logs for such things and it automates dropping them into the iptables bit bucket. I'm sure you could come up with something workable fairly quickly