Wednesday, October 23, 2002 you wrote:
MM> Perhaps you're not familiar with CodeRed or the HTTP protocol
No, I am.
MM> very well, but your statement makes no sense. Code Red is nothing
MM> more than a malformed HTTP post to a webserver. While Imail is not
MM> vulnerable to the attack itself (it never was to begin with, the
MM> attack was made for IIS), it does start having performance issues
MM> when malformed posts are made to the server.
That's what I said.
MM> I'm assuming from your statements that your network is rather
MM> small, our firewall cuts out 90% of the 'junk' coming into our
MM> network, but with almost 90MBPS of traffic coming in, you'll find
MM> an in depth inspection of every packet has considerable network
MM> performance effects and there's a line that needs to be drawn on
MM> what's rejected.
Anything can be DOS'd.
MM> What I can tell you is that we have several software packages
MM> (Imail, IIS, Apache, Statistics software, etc) that are open on
MM> the internet with NO problems, however Imail continues to have
MM> these issues. It's black and white that it is a software-related
MM> issue.
I believe that would fall in the realm of opinion.
Look, I don't know why you want to battle on this issue. You seem to
know what the problem is and you seem to understand code red and dos
attacks.
Either way I give up. You win. No more debate from me.
Terry
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
