http://redmine.lighttpd.net/projects...BeforeDownload
http://trafficguardian.com/ (anti hotlinking)
TrafficGuardian worked pretty well with apache until his hosting went down or his domain expired. Every morning when logs rotated, apache had to check in with his server for authorization. That might have changed and his site appears to be up now.
Another trick people use is to write a cookie on the page then use mod_rewrite to check for the existence of that cookie to determine whether to serve the media. Some browsers spawn a helper player that doesn't have access to those cookies.
The other thing I have noticed is that a lot of the rewrite rules have gotten away from specifics, allowing specially crafted urls to contain enough of the url pattern to match the referrer.
And there is good hotlinking, so, make sure your system accounts for that.