Re: Re: DoS Horror Story - Or - Please Recommend a Firewall for Win2k3

Hello all,

Thank you for your replies. My intention of posting was that I needed
recommendation for software firewall as I do not own the hardware, so I will
probably move from this datacenter to a better one that will apply better
hardware protection.

In meanwhile I need to install software, and do not know which ones that
would do a good job. Obviously the 2 firewalls I have tried did not fulfil
my needs. I thank for the suggestion, Sygate firewalll pro, I have read
about it and will install a trial. Also I thank for the advice about layered
protection.

Could you please elaborate more on this?

-Proxy: I'm familiar with proxys from the client side view. The proxy caches
web content and makes it faster, plus if you surf to web pages it will show
only the proxy computer as visitor. But I'm not sure how it will help me in
protecting the server.

- Configurable IP/TCP/UDP values. Are these values timeout values ? or
min-max values? It sounds like it would help me right now, but I'm not sure.
I receive many malformed http packets and all kinds of icmp or incomplete
packets. My current firewall has an option to "tarpit" connections. That is
to accept connections but not honor disconnections. But when attacked by
many (spoofed) ips, I'm not sure how much it helps?

- I have searched and read to learn more about IP defragmentation and QoS.
Thank you :)

I have forwarded these requirements also to my current firewall vendor
(Visnetic).

Regards,

AFW

btw, is this mailing list archived somewhere on net?