> > I haven't seen anything like this before but have you thought about > contacting the Tech for that CIDR or 'abuseat_private'. Other than that > try killing the connections with a firewall rule or Apache ACL, or > create a empty page so the client can request it and see if it will go > away after a successfull get request. Whois details below. I suggest not letting the servers get the page they are requesting - I've done things like that before, and when I 'allowed' the pages to be accessed, requests skyrocketed. When I blocked the requests altogether, they still persisted, but abated over time. Note: I still get requests, but they no longer take any bandwidth. Adam ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Dec 18 2002 - 12:23:04 PST