M. Feenstra ?????:
Hi List,
I'm getting a bit tired of all those web vulnerability scanners. I
generate a list of 404 requests to find errors in my websites but this
list is mainly filled with these scanners.
I have added a table to "pf" that blocks some of the more persistent
attackers but I like to update this table automatically. I was
thinking of writing a little script/module for my webserver that after
three 404's in a row adds them to the table.
Of course my webserver doesn't run as so I can not run pfctl to update
the table. Preferably I also don't want to write to a file and
schedule a pfctl every minute.
Ideally it would be a daemon that listens to localhost only and, after
authentication, accepts an IP address from the webserver which is than
put in the table.
Does something like this exist? Or maybe, is there a better way of
dealing with this?
Regard,
Mark
QTFG: pftabled
