>From the 1.3.23 ChangeLog: > (eg, one attack mode of the Nimda worm is to establish a connection to the > server but not send an HTTP request. This connection will be timed out > according to the setting of the Timeout directive, 300 seconds)
Well, they seem to recognize the problem, anyways. Anybody know why this patch isn't being accepted? It works like a charm. My patch to add a RecvTimeout directive to Apache has been ported up to 1.3.23. Details: http://www.webcon.net/opensource/apache/ Download: http://www.webcon.net/opensource/apache/apache_1.3.23_recv_timeout.patch Regards, Ian Morgan -- ------------------------------------------------------------------- Ian E. Morgan Vice President & C.O.O. Webcon, Inc. [EMAIL PROTECTED] PGP: #2DA40D07 www.webcon.net -------------------------------------------------------------------
