> Anyone know of a recent patch, hotfix, or settings to protect
> against DOS attacks on IIS 4.0? Service Pack 6 failed miserably
> to fix the problem (as it promised to).
If by "fix the problem" you mean prevent successful denial-of-service
attacks, you're out of luck. You can't really protect against DOS attacks.
You can only limit the possible damage they do, and respond by refusing
traffic from offending IP address. If you get attacked by someone with more
bandwidth than your server has (not difficult in a world of cable modems and
Windows zombies), they will win.
On the other hand, if you mean "not result in a BSOD", the latest IIS and NT
security patches should generally work. There's a recent IIS security patch
rollup, which contains several IIS patches. You might want to apply that, if
you haven't already. Again, it won't prevent DOS attacks, but it can't hurt
anything. You can find it at http://www.microsoft.com/security/.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
phone: (202) 797-5496
fax: (202) 797-5444
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
