-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Chuck, I'd say your best bet is to just let the access attempts pile up, since there is a good bet that the people trying to find wholes in your web server are on dynamic IP addresses, so they'll just keep coming from another IP, in which case the deny lines won't help you at all. When I first started running apache 2 years ago or so, I saw all these things in my access_log, and monitored it for about 3 months. However, after I noticed that apache was handling these cracking attempts properly, I stopped looking at my access_log in detail all the time. As long as you make sure that you stay on top of the apache upgrades, and are running the latest apache packages, you should be fine. After all, all these crackers are trying to exploit IIS servers for the most part. Greg On Tue, Dec 07, 2004 at 08:30:29AM -0500, Chuck Hallenbeck wrote: > Hi Janina, > > Are you suggesting somehow putting a 32 kb string into a google search > field? How would one do that? > > I might just let the stuff pile up in my log file rather than modifying > the apache configuration file several times a day. Apache seems to > survive those probes and responds to them with an error message. But > they come to me from all manner of originating ISP's and I do not want > to block the entire domain from which they originate. > > > -- > The Moon is Waning Crescent (25% of Full) > "Things are in the saddle, and they ride mankind." Ralph Waldo Emerson > Personal site www.hhs48.com, Download site www.mhcable.com/~chuckh > > _______________________________________________ > Speakup mailing list > Speakup at braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > > !DSPAM:41b5b082133002005283415! > > - -- Free domains: http://www.eu.org/ or mail dns-manager at EU.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFBtftG7s9z/XlyUyARAifuAJ44MgrRxq6LXTyeZg2s5bGZIWvMMQCgg0r5 gJ5EQvIbAPmtqQePZZsIK0c= =mvsJ -----END PGP SIGNATURE-----
