> I have people trying to RDS into servers when the service is
> disabled. It looks like it is causing problems on my server as
> sessions aren't lasting but 20 seconds. I think the server is
> restarting thus killing the sessions. Is there a way to "block"
> RDS requests? This looks like a brute force DOS.
You have a couple of options.
1. If you have control over the gateway, and you can do content filtering at
the gateway, simply filter out requests to /CFIDE/Main/ide.cfm. Or, you can
do this on the server itself using various "host firewall" products.
2. You can prevent all RDS requests by setting permissions on
{webroot}\CFIDE\Main\ide.cfm so that the web service (or anonymous user in
IIS) can't read or execute the file. If you're using IIS, you'll also need
to enable the "Check that file exists" box in the ISAPI extension
information for .cfm.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
