On Wed, 2003-03-26 at 12:28, Mark Weaver wrote: > Dave Laird wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Good morning, Pierre... > > > > On Saturday 15 March 2003 06:19 am, Pierre Fortin wrote: > > > > > >>I may have a look at the code; but rather than "strings", I would think > >>quick-exit protocol-diving would be a better approach... but that's just > >>me... > > > > > > No, you're very right. I've let the box running strings under IPTables run > > for nearly 12 hours, and I think your conclusions about it are pretty > > accurate. It bogs down the system, particularly because it is only running > > 64M of memory. However, I added a few sticks of SDRAM this morning and > > compared it to last night's performance, and I didn't see that much > > difference. However, when I compared the overall performance of the box with > > another identical box running standard IPTables, I still noticed a > > performance hit. > > > > I'm not that enamored of the idea. Back to the drawing board. Thanks to > > everyone who gave input to this idea. It *does* block strings from Code Red, > > but at a pretty substantial performance hit. > > > > Dave > > I know this is late in the thread, but I've found adding a REWrite rule > to httpd.conf to be the ticket! I haven't seen any, and I mean None of > the M$ crud in my logs since. There has been zero (0) performance drop > on this AMD 233/ 128MB SDRAM box since taking this action.
Mark, Care to explain to the terminally dense (me) what a REWrite rule is? please. James
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
