preventing a db flood

[pdawg]

Before I sit down and write some code to address my problem, I thought I would post it here and see if anyone knows of anything already out there I can utilize...

I have a problem where sometimes a malicious user will write a script to repeatedly access a URL (with different query strings) and as a result will keep entering records into my database.

What I would like to do is have soemthing where if the user has accessed my server x times in the last y minutes then his IP will be blocked from the site. I considered doing this with session variables but since I have alot of users on this site, I feel that my memory usage may sharply increase and thus degrade performance. Also I dont know how to interface this with IIS to block the IP (I am using windows 2000 server and sql server 2000)

any ideas?

The only thing i have thought of is to have a table store the IPs and hits in the past y minutes and just work on something from there ... but that means then every hit to the site results in accessing a db and updating a record.

thanks.

[Elemental Thought]

I utilize a similar method to what you're describing, pdawg. However, I don't use it for every page, I normally only do it for pages that could be a problem, such as where the user can fill out a form.

What I do is I record the ip and set an expiry timestamp, generally a few seconds into the future. Then, when the form is submitted, I do a check to see if that IP address already has an entry in my table, and whether or not the entry has expired.

It works fairly well, but it would be definitely hard to implement for every page. Is it possible for you to convert your pages to use POST instead of GET when moving around the site? That would at least hide the urls, and the script kiddies wouldn't be as inclined to write a script to access them.