Linux: Blacklisting IP's

[jitspoe]

Looging at the apache error log, I'm seeing some things like:
[Fri May 18 21:12:12 2007] [error] [client 212.187.65.151] File does not exist: /var/www/html/phpmyadmin[Fri May 18 21:12:12 2007] [error] [client 212.187.65.151] File does not exist: /var/www/html/phpmyadmin
[Fri May 18 21:12:12 2007] [error] [client 212.187.65.151] File does not exist: /var/www/html/phpMyAdmin[Fri May 18 21:12:12 2007] [error] [client 212.187.65.151] File does not exist: /var/www/html/phpMyAdmin
[Fri May 18 21:12:12 2007] [error] [client 212.187.65.151] File does not exist: /var/www/html/db[Fri May 18 21:12:12 2007] [error] [client 212.187.65.151] File does not exist: /var/www/html/db
[Fri May 18 21:12:13 2007] [error] [client 212.187.65.151] File does not exist: /var/www/html/web[Fri May 18 21:12:13 2007] [error] [client 212.187.65.151] File does not exist: /var/www/html/web


Obviously some bot trying to find vulnerable phpMyAdmin installations and whatnot.  I think I should probably just blacklist ip's like that.  What's the best way to go about that?

[TinMan]

iptables or netfilter I'm thinking.

[KnacK]

iptables on the front end so that the bot wont even realise that the server exists.
You might want to review this page for reference.

[jitspoe]

Oy, all that just to block some ip's?  This is why I don't like Linux.

Thanks for the link, though.