On Wed, Feb 26, 2020 at 02:15:18PM -0500, Gene Heskett wrote:
> On Wednesday 26 February 2020 13:54:09 Reco wrote:
>
> > Hi.
> >
> > On Wed, Feb 26, 2020 at 01:50:40PM -0500, Lee wrote:
> > > On 2/26/20, Gene Heskett <ghesk...@shentel.net> wrote:
> > > > over the last 90 days or so, we seem to have been plagued with a
> > > > new breed of bots scanning our web pages, and they are not just
> > > > indexing our web pages I don't mind that, but they are ignoring
> > > > our robots.txt and are mirroring anything apache2 can reach,
> > > > including stuff that's there but not reachable by a normal browser
> > > > just looking around and clicking on links.
> > >
> > > <.. snip ..>
> > >
> > > > To add a new rule, covering that whole 256 address block because
> > > > they seem to have a random address, changed about weekly, in that
> > > > block:
> > > >
> > > > root@coyote:iptables$ cat iptables-add
> > > >
> > > > #!/bin/bash
> > > > iptables -I INPUT -s add.ress.to.block/24 -j DROP
> > >
> > > Have you considered REJECT instead of DROP?
> >
> > A neat idea for your LAN. A bad idea in this case.
> >
> > You *want* that other side to retry, wasting their time instead of
> > spamming their target. In fact, one should consider using TARPIT
> > instead of a DROP here.
>
> Now that's a thought, does it take much fiddling to set that up? Links to
> tuts plz.

You have to use testing or sid for that. [1] is a place to start, [2]
will be needed too.

[1] https://packages.debian.org/bullseye/xtables-addons-dkms
[2] https://packages.debian.org/bullseye/xtables-addons-common

Reco
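
Added example, not part of the thread: a sketch of what the TARPIT variant of the iptables-add script could look like once the packages from [1] and [2] are installed. The function names and the 192.0.2.0/24 sample block are constructed; the script only prints the rules so they can be reviewed before being run as root.

```shell
#!/bin/sh
# Added example: print (do not run) the rules that tarpit one source block.
# TARPIT is provided by xtables-addons and only handles TCP.

valid_cidr() {
    # Accept only dotted-quad IPv4 with a prefix length of 0..32.
    case "$1" in */*) ;; *) return 1 ;; esac
    addr=${1%/*}
    len=${1#*/}
    case "$len" in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    case "$addr" in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the address into its octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

tarpit_rules() {
    net=$1
    valid_cidr "$net" || { echo "bad IPv4 CIDR: $net" >&2; return 1; }
    # Skip connection tracking for the block, so tarpitted connections
    # do not each hold a conntrack entry on this host.
    echo "iptables -t raw -I PREROUTING -s $net -p tcp -j CT --notrack"
    # Inserted first, so it ends up below the TARPIT rule: anything
    # from the block that is not TCP is silently dropped.
    echo "iptables -I INPUT -s $net -j DROP"
    # Inserted last, so it lands at the top of INPUT: TCP connections
    # from the block are accepted and then held open.
    echo "iptables -I INPUT -s $net -p tcp -j TARPIT"
}

# Usage: ./iptables-tarpit 192.0.2.0/24   (constructed sample block)
if [ "$#" -gt 0 ]; then
    tarpit_rules "$1"
fi
```
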