> *Subject:* Re: [twsocket] Creatively annoying a host
> > I could leave the connection open without sending a response?
> >
> Just delay the answer for a couple second, this will slow down the 
> probing.

I think keeping the client connection open as long as possible, sending
random HTTP headers every few seconds is the best way of slowing down the
hacker's crawler.  

A blacklist just saves a few 404s on each server, but really needs to be
implemented at firewall level to stop multiple servers being accessed.  

One thing that is surprising about these PHP hacks is one domain being
targeted was only registered three weeks ago and is on my shared server
so can only be accessed by host name, not IP address, yet they've found
it already, from Korea.  


To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to