My question would be - is there an tool which could run with apache to automaticly lock host for some time if it tryies access system more that 10 times per minute or so? iptables (from linux 2.4.x) supports something like that. although it is designed to prevent logs from getting filled, it can also be used to prevent DoS attacks. I'm sorry, but can't remember the name of the option right now :-( You should also use a seperate machine as firewall (if somehow possible), this would give you a better chance to prevent a DoS, because the web server wouldn't get so much load. P.S. Host running SuSE 7.1 with 2.2.x kernel I hope, you have already updated to 2.2.19 :-)
bye Markus -- _____________________________ /"\ Markus Gaugusch ICQ 11374583 \ / ASCII Ribbon Campaign markus@gaugusch.dhs.org X Against HTML Mail / \