Blocking Examples

This topic provides some examples of blocking approaches.

Blocking Access to Websites Containing Malicious Code

You can block access to sites that might contain malicious code, if you are aware of common malicious code. For example, a Web page containing this code will cause Internet Explorer to use up CPU resources in an infinitely nested iframe element:

<iframe src="?"/>

To prevent access to Web pages containing this code, use a signature that searches in the response body for the text <iframe src="?"/>. You may use the default setting that limits the byte range of the search to the first 100 bytes, so as not to impact performance.

Blocking RPC Over HTTP

To block RPC over HTTP, block these methods:

• RPC_IN_DATA
• RPC_OUT_DATA