You can create an HTTP resource and block the /default.ida string in the
URL, but more likely than not the in.ahttpd process will zoom to eat up all
available CPU and your fw will be pegged. So, its possible, just not a very
feasible idea.
-----Original Message-----
From: "Pe�a, Botp" [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 19, 2001 10:56 PM
To: [EMAIL PROTECTED]
Subject: [FW1] .IDA CODE RED WORM
Hi Team:
Though we've applied the patch on our iis servers, the .ida worm(s) do not
seem to stop to bombard the iis server.
I would like to ask if it is possible to stop it on firewall-1. If yes, how?
Thanks in advance,
-botp
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
