Lets say I have a bunch of traffic coming to a server and it's easy to see that some of it is trying to do nasty things.
You get the point.
Now if I know the ip addresses that these kinds of things come from what are the best things to do with that traffic?
Option 1: Just return an empty reply.
Option 2: Let it hang.
Option 3: Let it hang but count the number of hung connections so I can flush them if it's more that I really want hanging around.
Option 4: Give them fuzz (random content). Large or small?
Option 5: Give them a 3xx redirect so they attack something else.
Option 5a: Direct them at a random blocked ip.