Vulnerability

[guest]

I was running my hfs the other day when my xp2800 AMD 512 GiB of ram RAID 0 computer started slowing down alot..
I ended up flipping over to my black ice firewall to notice that someone was succeeding with a hex evasion attack directed on my system...
Time, Event, Intruder, Count
10/26/2003 6:26:39 PM, HTTP_IIS_Double_Eval_Evasion, cm185.gamma224.maxonline.com.sg, 1
Time, Event, Intruder, Count
(description:http://www.iss.net/security_center/reference/2106051.html)
10/26/2003 6:26:39 PM, HTTP_IIS_Hex_Evasion, cm185.gamma224.maxonline.com.sg, 1
(description:http://www.iss.net/security_center/reference/2106055.html)
... at least 100 of these instances were experienced... I blocked these users and the lagging stopped, so I am not 100% sure to make out of this.

[rejetto]

i read the reports of the URLs reported

not only they are not related to HFS but to IIS, they are not even bugs (of IIS).
your firewall is telling you "someone is behaving in a weird manner, maybe he's trying to hide himself from being catched exploiting".

if your system was slowing down, you should have checked if it was because of CPU usage, and what process.

at the moment no vulnerability is known about HFS.

but interesting software is never 100% secure, i invite anyone who is able to, to investigate on HFS security. a security report would be welcome.