> *Subject:* Re: [twsocket] Creatively annoying a host > > I could leave the connection open without sending a response? > > > Just delay the answer for a couple second, this will slow down the > probing.
I think keeping the client connection open as long as possible, sending random HTTP headers every few seconds is the best way of slowing down the hacker's crawler. A blacklist just saves a few 404s on each server, but really needs to be implemented at firewall level to stop multiple servers being accessed. One thing that is surprising about these PHP hacks is one domain being targeted was only registered three weeks ago and is on my shared server so can only be accessed by host name, not IP address, yet they've found it already, from Korea. Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
