On Tue, 16 Apr 2002, Noonan, Wesley wrote: > Because it works? Because last time I checked it had not a single exploit > logged? >
I dunno what the representation of "not a single exploit logged" is, but you should read Q271379 (looks like a valid DoS attack to me,) Q289503 (may be related), Q295279 (Web Proxy Service Crashes seems like a bad title), Q296638 (fixing my server made it break!,) Q283213 (no internal blocking/logging) and Q285807 (invalid logging) to see that the product hasn't been issue-free. At least Q211379 is an exploitable condition, and Q283213 may have use in conjunction with another bug. When was the last time you checked? FWIW, I think at least one of the last clump of IIS bugs are valid for ISA, but I don't recall which one. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions [EMAIL PROTECTED] which may have no basis whatsoever in fact." _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
