Isn't it ironic that right after I ask somebody to break my system the server I manage seems to be getting attacked.
I have numerous httpd daemons spawning on my server, also bringing up the cgi script we use over 30 times, and it is killing my systems performance. When I stop httpd, portsentry reports tons of port scans to port 80 from the same IP over and over, when I scan the logs this IP address is hitting my site every half second almost, and it has been happening for a long time now.
When I look at my apache logs I get a list that consists of the word "common" which is my log type, I get nothing else.
And to make things worse when I type the following:
ipchains -A INPUT -s xxx.xxx.xxx.xxx -j DENY
I get the following error:
[B]ipchains: No target by that name[B]
I have tried installing ipchains over and over, and nothing yet, any suggestions?
Thanks in advance.