Shared publicly  - 
Someone keeps trying to break into my blog (brute forcing the password). I get emailed their IP address every time they get locked out and there have been multiple IPs, sometimes related (x.x.x.81, x.x.x.82, x.x.x.83...), sometimes not. Any suggestions on something "fun" I can do with them? I guess it's probably a bot, but just in case...
Gabor Szabo's profile photoRoger Binns's profile photoAri Rabkin's profile photoChris Heald's profile photo
Few things to try: see if the bot processes HTTP redirects and/or has a connection timeout. Redirecting to an infinite redirect or intentionally holding the connection open for an extended period of time are two ideas that come to mind.
This is a DOS attach to overwhelm your e-mail system :)
The nicest thing you can do is make your system put those IP addresses into a tarpit. This will drastically slow down the rate at which they can do anything, and while they are attacking your system they won't be attacking other people.
Boring option: find out who their provider is, and report them.
Not necessarily fun, but an htaccess file with an obnoxiously long password will keep requests from ever getting to the app, preventing all those emails and associated CPU burn
Add a comment...