Security Incidents mailing list archives

Re: fswserv.html ????


From: Adam Bultman <adamb () glaven org>
Date: Tue, 17 Dec 2002 13:25:05 -0500 (EST)




I haven't seen anything like this before, but have you thought about
contacting the Tech for that CIDR or 'abuse () rr com'?  Other than that,
try killing the connections with a firewall rule or Apache ACL, or
create an empty page so the client can request it and see if it will go
away after a successful get request.  Whois details below.

I suggest not letting the servers get the page they are requesting - I've
done things like that before, and when I 'allowed' the pages to be
accessed, requests skyrocketed.  When I blocked the requests altogether,
they still persisted, but abated over time.

Note: I still get requests, but they no longer take any bandwidth.

Adam


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

