On Wed, Dec 3, 2008 at 4:55 PM, Steve <[EMAIL PROTECTED]> wrote:
> Dmitry S. Makovey wrote:
>> P.S. I actually don't do any of the above. It was just a surge of creative
>> paranoia in response to initial request :)
> All good ideas - except selling the blacklist... I'd be happiest to
> share my blacklist for free... my objective is to minimise exposure to
> botnets - rather than to accept another level of complexity with
> legitimate use.
I think using Dmitry's idea of rejecting the first 2 connections, but then allowing it as normal on the third attempt, would satisfy your requirements for being on the normal port, allowing all IPs and requiring no special setup on the client end (other than knowing they have to retry twice). Of course, this is assuming the botnet stops after rejected connections...
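As an added illustration of the reject-twice-then-accept idea discussed above (this is example code written for this page, not code from the thread or from any of its participants): a small per-source gate that refuses the first two connection attempts from an address and accepts from the third one on. It also forgets an address after an idle window, so a bot that comes back much later starts over. The two-refusal threshold is the one proposed in the thread; the one-hour idle window, the class and function names, and the addresses in the trace are assumptions constructed for the example.

```python
"""Per-source connection gate: reject the first N attempts from an address,
accept from the (N+1)th onward, forget the address after an idle window.

Example code for the thread's "reject twice, then allow" idea; the idle
window and the sample addresses below are assumptions, not from the thread.
"""
import time
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class GateState:
    rejects: int = 0        # refusals handed to this source so far
    last_seen: float = 0.0  # timestamp of the most recent attempt


@dataclass
class ConnectionGate:
    rejects_required: int = 2      # the thread's suggestion: two refusals, then pass
    idle_window: float = 3600.0    # assumption: forget a source after one idle hour
    _state: Dict[str, GateState] = field(default_factory=dict)

    def attempt(self, src_ip: str, now: Optional[float] = None) -> str:
        """Decide one incoming connection from src_ip: 'reject' or 'accept'."""
        now = time.time() if now is None else now
        st = self._state.get(src_ip)
        # Unknown source, or one idle longer than the window: start counting afresh.
        if st is None or now - st.last_seen > self.idle_window:
            st = GateState()
            self._state[src_ip] = st
        st.last_seen = now
        if st.rejects < self.rejects_required:
            st.rejects += 1
            return "reject"
        return "accept"


def run_trace(gate: ConnectionGate,
              events: List[Tuple[float, str]]) -> List[Tuple[str, str]]:
    """Feed a (timestamp, source) sequence through the gate; return decisions."""
    return [(ip, gate.attempt(ip, t)) for t, ip in events]


def demo() -> Dict[str, List[str]]:
    """Constructed trace covering the three behaviours worth checking."""
    gate = ConnectionGate()
    events = [
        (0.0, "192.0.2.10"),      # legitimate client, retries quickly...
        (1.0, "192.0.2.10"),
        (2.0, "192.0.2.10"),      # ...and gets in on the third try
        (10.0, "198.51.100.7"),   # one-shot scanner: refused, moves on
        (20.0, "203.0.113.5"),    # persistent bot that retries three times...
        (21.0, "203.0.113.5"),
        (22.0, "203.0.113.5"),    # ...gets through, which is the caveat in the post
        (5000.0, "198.51.100.7"), # scanner returns after the idle window: counter reset
    ]
    results: Dict[str, List[str]] = {}
    for ip, decision in run_trace(gate, events):
        results.setdefault(ip, []).append(decision)
    return results


if __name__ == "__main__":
    for ip, decisions in demo().items():
        print(ip, decisions)
```

The trace makes the trade-off in the post concrete: a client that knows to retry twice gets in, a scanner that tries once never does, but anything that retries three times is treated exactly like a legitimate client, and a legitimate client that gives up after two refusals is locked out as well.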