On Wed, 2011-08-31 at 08:07 -0700, John R Pierce wrote:
On 08/31/11 7:22 AM, Always Learning wrote:
In the current 4,000 to 6,000 daily hits, the lunatic uses
login.php contact.php forgotten_password.php
your 'lunatic' aka 'hacker' is undoubtably a blind script ('bot') running on distributed previously hacked hosts, and probing a long long list of targets of which your hosts only a tiny part of. 4000 hits a day to 404 pages is background noise.
I would like to use the facilities in the excellent Centos operating system to reduce hacking attacks. Implementing an IP Tables string facility is a useful learning experience. When that works, I'll try 'recent'. Dangerous to ignore any background noise - far better to firmly shut the door and fill-in all known holes.
Paul.