On Mon, Jun 29, 2009 at 09:23:47AM +0200, M. Feenstra wrote:
> Hi List,
>
> I'm getting a bit tired of all those web vulnerability scanners. I
> generate a list of 404 requests to find errors in my websites but this
> list is mainly filled with these scanners.
>
> I have added a table to "pf" that blocks some of the more persistent
> attackers but I like to update this table automatically. I was thinking
> of writing a little script/module for my webserver that after three 404's
> in a row adds them to the table.
>
> Of course my webserver doesn't run as so I can not run pfctl to update
> the table. Preferably I also don't want to write to a file and schedule a
> pfctl every minute.
>
> Ideally it would be a daemon that listens to localhost only and, after
> authentication, accepts an IP address from the webserver which is then
> put in the table.
>
> Does something like this exist? Or maybe, is there a better way of
> dealing with this?
>

man nc(1) || man inetd(8)

> Regards,
> Mark
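
A sketch of the privileged side of the inetd(8) approach suggested above, as an added example that is not part of the original thread: inetd starts this helper per connection on a localhost-only port, and the helper authenticates and validates the request before touching pf. The table name `scanners`, the token file path and the one-line `<token> <ip>` protocol are assumptions made for illustration.

```python
# Helper started by inetd(8); inetd hands the accepted socket to the
# program as stdin/stdout. Request format (assumed): "<token> <ip>\n".
import hmac
import ipaddress
import subprocess
import sys

TABLE = "scanners"                    # assumed pf table name
TOKEN_FILE = "/etc/pf-blockd.token"   # assumed path; root-owned, mode 0600
NEVER_BLOCK = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "::1/128")]


def parse_request(line, token):
    """Return a validated ip_address object, or None if the request is rejected."""
    parts = line.strip().split(" ")
    if len(line) > 128 or len(parts) != 2:
        return None
    # Constant-time comparison of the shared secret.
    if not hmac.compare_digest(parts[0].encode(), token.encode()):
        return None
    try:
        # Accepts a single IPv4/IPv6 address only: hostnames, CIDR ranges
        # and strings such as "1.2.3.4;reboot" raise ValueError.
        addr = ipaddress.ip_address(parts[1])
    except ValueError:
        return None
    if any(addr in net for net in NEVER_BLOCK if net.version == addr.version):
        return None                   # never block the loopback addresses
    return addr


def build_command(addr):
    """argv list for pfctl; no shell is involved, so nothing is interpolated."""
    return ["pfctl", "-q", "-t", TABLE, "-T", "add", str(addr)]


def main():
    with open(TOKEN_FILE) as fh:
        token = fh.read().strip()
    addr = parse_request(sys.stdin.readline(256), token)
    if addr is None:
        print("ERR")
        return 1
    subprocess.run(build_command(addr), check=True)
    print("OK")
    return 0


if __name__ == "__main__":
    sys.exit(main())
```

The webserver side only needs to send the one-line request to the local port, for example with nc(1).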