blocking hackers - revisited

Giganews Newsgroups
Subject: blocking hackers - revisited
Posted by:  Nathan In Montana (MontanaJeep…@aol.com)
Date: Sat, 14 Apr 2007

currently running a dozen or so websites out of my home on a commercial
cable backbone, dedicated win2k server server IIS 5.0.  some time back i
asked how to block IPs on the router level to block scripts attempting to
log into my server.  it was suggested that i upgrade my linksys router to
dd-wrt and use iptables.  this works GREAT (thanks much to whomever
recommended that upgrade as it has served me very well both at home and in
commercial applications) but this hacker/script appears to have an unlimited
supply of IPs.  as soon as i block one IP, i get the same attack from
another.  roughly 3 times per second it attempts to log into my server 24/7.
it stopped using "administrator" and is now selecting random names.  the
security breech isnt a huge concern (my password is solid), but the waste of
my server resources is.

is there any way in which to automatically block an IP after 3 tries?  i
dont know what method is being used but its coming in on port 80 im sure.  i
dont mind having to buy equipment if i have to, i just need a reasonable
solution.
thanks.

--
Nathan in Montana
http://ConcealedCarryForum.com
http://1911Talk.com
http://GlockCarry.com

Replies