On 29/8/08 16:07, Prof. P. Sriram wrote: > we (ftp.iitm.ac.in) also run a fedora mirror and this was a chronic > problem with that. we have not noticed this problem with the centos > mirror. actually, they are 'legitimate' requests in the sense that they > appear to be requests for partial downloads; however, with the rate at > which the requests come in, it effectively becomes a dos attack. we have > implemented per ip connection limit to stop this and it is very effective. > there are several ways to do this; one possible way is to use the > limitipconn module of apache and put the following lines in the httpd.conf > file. Thanks for the info. Yes, I'd noticed that they were requests for partial downloads, though interesting that they are all of Chinese origin. Maybe something to do with their network infrastructure. Regards, Mike