-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Good morning, Pierre...
On Saturday 15 March 2003 06:19 am, Pierre Fortin wrote: > I may have a look at the code; but rather than "strings", I would think > quick-exit protocol-diving would be a better approach... but that's just > me... No, you're very right. I've let the box running strings under IPTables run for nearly 12 hours, and I think your conclusions about it are pretty accurate. It bogs down the system, particularly because it is only running 64M of memory. However, I added a few sticks of SDRAM this morning and compared it to last night's performance, and I didn't see that much difference. However, when I compared the overall performance of the box with another identical box running standard IPTables, I still noticed a performance hit. I'm not that enamored of the idea. Back to the drawing board. Thanks to everyone who gave input to this idea. It *does* block strings from Code Red, but at a pretty substantial performance hit. Dave - -- Dave Laird ([EMAIL PROTECTED]) The Used Kharma Lot / The Phoenix Project Web Page: http://www.kharma.net updated 03/05/2003 Usenet News server: news.kharma.net Musicians Calendar and Database access: http://www.kharma.net/calendar.html An automatic & random thought For the Minute: A mind is a wonderful thing to waste. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+c0VGaE1ENZP1A28RAvOKAJ4+rtafJjfwWrDJQDUCBWF9UYvz3ACfTlsJ 4/80f+7Bo1dUWcBcoS2ErCk= =jbcI -----END PGP SIGNATURE-----
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
