> thinkin of that Ive got a customer with IIS server which he cannot > change for apache, for some reason, I wonder which linux based tools > (the firewal runs on linux) there are to block nimda. Can a proxy acting > as a reverse proxy do it ?
The use of a secondary server would work for this purpose. One could use the built-in proxy functions of Apache combined with a Linux machine to insulate the IIS server from hostile network traffic. Personally, I'd proxy all critical systems. If Apache isn't an option, I'd also look at something like SecureIIS from EEye[1]. Cheers, ellipse [1] Dale Coddington is leet.
