('binary' encoding is not supported, stored as-is) In-Reply-To: <3.0.5.32.20020218085949.012f4100at_private> When you stop the attack, the firewall recovers, but think that in the case of ISA D.o.S. I´m sending spoofed packets so it will be more difficult to find the attacker ( if you have not IDS or similar ). Suppose the length of the D.o.S. is 1 hour... nobody can surf the web, you can not access the ISA..., probably no VPN,... Think about it. Hugo Vázquez Caramés Security Consultant >Received: (qmail 19118 invoked from network); 18 Feb 2002 06:09:16 -0000 >Received: from outgoing3.securityfocus.com (HELO outgoing.securityfocus.com) (66.38.151.27) > by mail.securityfocus.com with SMTP; 18 Feb 2002 06:09:16 -0000 >Received: from lists.securityfocus.com (lists.securityfocus.com [66.38.151.19]) > by outgoing.securityfocus.com (Postfix) with QMQP > id 1EBEAA44EF; Sun, 17 Feb 2002 21:25:10 -0700 (MST) >Mailing-List: contact vuln-dev- helpat_private; run by ezmlm >Precedence: bulk >List-Id: <vuln-dev.list-id.securityfocus.com> >List-Post: <mailto:vuln-devat_private> >List-Help: <mailto:vuln-dev- helpat_private> >List-Unsubscribe: <mailto:vuln-dev- unsubscribeat_private> >List-Subscribe: <mailto:vuln-dev- subscribeat_private> >Delivered-To: mailing list vuln- devat_private >Delivered-To: moderator for vuln- devat_private >Received: (qmail 24253 invoked from network); 18 Feb 2002 00:53:21 -0000 >Message-Id: <3.0.5.32.20020218085949.012f410
This archive was generated by hypermail 2b30 : Mon Feb 18 2002 - 08:27:15 PST