Ken.Connelly at uni.edu
Wed Feb 9 19:25:30 GMT 2005
Hunt,Keith A wrote:
>>2. You could drop sessions associated with those packets.
>> e.g. Drop an SMTP session if an attempt is made to
>> transfer malicious content (generally not a good
>> idea by the way but useful as an example)
>I have been wondering about the implications of dropping an SMTP session
>like this. Could you expound on why you think this is not a good idea?
Because if it's a bonafide server, the remote end will just start the
SMTP session over again in 30 or 60 (or more) minutes.
>>James Madison University
Ken Connelly Systems and Operations Manager, ITS Network Services
University of Northern Iowa Cedar Falls, IA 50614-0121
email: Ken.Connelly at uni.edu
phone: (319) 273-5850 fax: (319) 273-7373
It's much more important to know what you don't know than what you do know!
More information about the unisog