[buro9]

Please don't do this... having bots launch a DDoS attack on kernel.org is not good.

Just throw the request away or return a 404 at the load balancer level.

If you're on Apache use mod_security, if you're not put Varnish in front and configure it to return simple 404 errors on such pages.

But don't mod_rewrite, redirect or otherwise throw traffic onto someone else's server, let alone one that will result in a traffic cost for them.

[T-hawk]

> Please don't do this... having bots launch a DDoS attack on kernel.org is not good.

Yeah, point them at microsoft.com instead! Should be easy to find a hefty service pack or DirectX install for the bots to hit...

[xorglorb]

Even though not all of us like Microsoft, you still shouldn't do this. The best way to handle this is to send random data at 10b/s and slow down the bots.

[jokermatt999]

It'd be interesting to keep a list of the bots, and randomly redirect the traffic back at them. My first thought was that this would mess up people who unknowingly have a bot on their computer, but then I realized this might actually make them look into getting their computer fixed.

Am I missing something here, or is this actually a decent idea?

[amalcon]

I suppose you could always redirect to 127.0.0.1. Maybe even go for a port that's likely to be open on a statistically random compromised system, like 135 (Windows DCOM, can't close it to localhost without breaking like half the system).

Edit: I just tried this in IE on my Win box; the connection even stayed open for a good long time! Firefox blocked it, though, which is probably good.

[drzaiusapelord]

I doubt these bots can handle the redirect request. Its js and I don't see why someone would code to support it. Maybe someone better informed than me can say whether curl or wget respect redirect by default.

[aaronblohowiak]

JS? 300 http codes cause a redirection without any JS whatsoever.

http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html

[adrianN]

There is an extension to iptables that adds a TARPIT target

http://xtables-addons.sourceforge.net/

[dalore]

Better would be to redirect to a third party service that offers that.

[ultrasaurus]

Are there any? I think that's weekend-project sized and donations could support it.