|
Hi,
So, I guess I agree that you aren't stopping it, but if you reduce or
eliminate its effects, that is probably good enough.
My objective was to protect Nimda hits in the cache servers (Transparent Proxy)
mainly. I enabled syncookies in the directors as well as in the 3 proxies,
Setting syn cookies on the director doesn't help much.
simulated nimda from one W2K+IIS Pentium 4 PC, but found no positive effect at
all.
What do you define as positive effect?
I believe that it can be filtered out in a very easy way, I am working on it
and will post in this mailing list after successfully done.
Please don't use netfilter and the string match to filter out nimda! :)
Best regards,
Roberto Nibali, ratz
--
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq'|dc
|
