Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: DoS Horror Story - Or - Please Recommend a Firewall for Win2k3

from [Jason Dixon] Network Security [Permanent Link]
Subject: Re: DoS Horror Story - Or - Please Recommend a Firewall for Win2k3
Date: Fri, 29 Jul 2005 19:31:58 -0400 
On Jul 28, 2005, at 2:45 PM, AFW wrote:

-Proxy: I'm familiar with proxys from the client side view. The proxy caches
web content and makes it faster, plus if you surf to web pages it will show
only the proxy computer as visitor. But I'm not sure how it will help me in
protecting the server. 

A reverse proxy will help "normalize" your traffic.

- Configurable IP/TCP/UDP values. Are these values timeout values ? or
min-max values? It sounds like it would help me right now, but I'm not sure.
I receive many malformed http packets and all kinds of icmp or incomplete
packets. My current firewall has an option to "tarpit" connections. That is
to accept connections but not honor disconnections. But when attacked by
many (spoofed) ips, I'm not sure how much it helps?

By modifying the timeouts you can limit the amount of states, frags, open/listening connections, etc., freeing up needed resources during a DoS attack.

- I have searched and read to learn more about IP defragmentation and QoS.
Thank you :) 

No problem.

I have forwarded these requirements also to my current firewall vendor
(Visnetic).

If you trust your firewall vendor so much, why didn't you ask them in the first place? I'm sure they'd be happy to sell you the perfect solution. ;-)

--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net



[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Re: DoS Horror Story - Or - Please Recommend a Firewall for Win2k3, Jason Dixon <=
Previous by Date:  RE: Is there any way to measure IT Security??, Balachendran, Thamilarasu SITI-ITIBHW
Next by Date:  Re: Firewall Requirement, Devdas Bhagat
Previous by Thread:  RE: Is there any way to measure IT Security??, Bohoudi, S. - Salah -
Next by Thread:  Re: Firewall Requirement, Devdas Bhagat
Indexes:  [Date] [Thread] [Top] [All Lists]