James Britt wrote:

> I received an alert E-mail today telling me that ruby-doc.org had 
> exceeded its alloted bandwidth.  There could be all sorts of reasons for 
> this, and if it were simply due to popularity I'd be thrilled.  But it 
> appears that someone has been running wget and snarfing the site wholesale.
> 
> This is a bad thing.  I'm in the process of blocking IP addresses and 
> domain names.  I've also turned off access to the Euroko 2003 videos 
> until next month.
> 
> I really don't think this abuse is coming from any regular reader of 
> this list, but on the off chance that I'm wrong: please stop it.
> 
> Thanks,
> 
> James Britt
> 
> jbritt AT ruby-doc DOT org
> 
> 
> 
> 

I highly recommend you look into mod_dosevasive.

If there was a decent way to verify the authenticity of the source IP 
addresses (ie not spoofed), then blocking would be a great first step.

The next step might be posting the verified abusive addresses online (so 
the rest of us can take appropriate action like blocking them from our 
sites) or submitting them to dshield.org.  This might be annoying enough 
for them to move on to other targets.