Reply to: R. Scott Perry
Re: [IMail Forum] DoS Attack on IMail Web Messaging?? HELP! on Friday 9:47:01 AM
There is something you can do. Use a personal firewall. We use
BlackIce from Network Ice here. It autoblocks such attacks on a
web server. There is also an undocumented feature we learned from
their staff that limits 'hits' on a web server. We use this to
repell an unusual amount of web requests, usually from someone
who tries to download a whole website here with automated download
utilities. This is also characteristic of these virus attacks.
Here are the details of how to do this if you are using BlackIce:
These variables may be inserted into the blackice.ini text file:
http.urllimit.count=40
http.urllimit.interval=30
The above settings block a user automatically if more than 40
requests come from that user in less than 30 seconds.
--
Roger Heath
advanced internet desktop: www.activatordesk.com
antivirus antispam email : www.activatormail.com
master internet index : www.infogrid.com
----- Copy of Original Message(s): -----
>>When Web Messaging is off, the server runs like a dream. It is one thing
>>to patch an IIS server with a patch from the product vendor, but I
>>honestly don't have a clue as to what else I can do to stop this DoS
>>attack from happening on my IMail box without implementing a firewall
>>system for that server.
R> That's what you have to do. No software can prevent a DoS attack that is
R> simply flooding the server with requests.
R> -Scott
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
