Security: Is it possible to drop a connection without sending a response?

[Flint G]

Easy question, that hopefully has a simple answer: in a NetWebServer procedure, is it possible to drop/close a connection without sending a response?

For instance, if the incoming session ID contains characters other than A-Za-z0-9, can I simply ignore the request because this is most certainly malicious?  If I receive enough of these kinds of requests, I would like to add the IP to a blacklist and never respond again.

[Bruce]

Hi Flint,

>> is it possible to drop/close a connection without sending a response?

p_web.CloseConnection()

you may also want to call
p_web.RequestData.WebServer.AddLog(p_web)
it all depends on where you do this test whether it will be in the log already or not.

>>  I would like to add the IP to a blacklist and never respond again.

p_web.Ban(self.requestdata.fromip)

This will add the address to the banned list. This list is a maximum of 10 IP's long. The list is cleared at the next start of the program, so if you want to remember it then you will need to code the save/load.

Bear in mind that
a) Machines get dynamic IP addresses and
b) multiple machines, sometimes _lots_ of machines, can share the same IP address thanks to NAT.

Cheers
Bruce