[CentOS] Am I being to paranoid?

Sun May 8 18:24:47 UTC 2011
Benjamin Franz <jfranz at freerun.com>

On 05/08/2011 10:46 AM, Jason wrote:
> 4. Why does LogWatch show this to me as a 404 , when a rewrite rule is hit and they are re-directed back to themselves? My rules seem to be working, if I try and hit /scripts right now, it does what I expect.

Because the remote loader is a robot, not a web browser. It is throwing 
stuff at the wall and seeing what sticks. It flat out doesn't care if 
you send back a redirect - it is just looking for a response that 
indicates a vulnerability and anything else is ignored by it.

Redirects are largely ineffective in combating bots hunting for 
exploitable scripts and programs. You would be better off using 
something like Fail2Ban to dynamically update firewall rules against 
detected attackers.

Benjamin Franz