Hello Harjith,
Well... what scenario is given for that ?
Usual layer 7 depends on more factors than layer 3/4 , if eg. layer
3/4 depends on used protocol (usualy IP . /TCP ) so the 7th layer
depends on the system itself (imho) , so what scenario should be given
? AFAIK. layer 7 attacks are mostly based on corss-scripting, as well
as on system/browser weakness (like DCOM on MS Internet Explorer ),
and most proxies are able to filter layer 7 content.
Best technology for what exactly ? For some machines / environments
you can simply force eg. to ssh or ussage of another browser, or SFTP
instead FTP, but that dows not work in every environment, in other
networks you can set your security rules only via content-filtering
based on a proxy.
Just my oppinion, hope could be a little helpfull for you.
Thursday, September 15, 2005, 8:57:52 AM, you wrote:
<==============Original message text===============
H> HI All,
H> We all talk about firewall technologies and different security
H> technologies.
H> Today, all most all enterprise are having the firewalls which protect
H> you from L3 and L4 attacks. What about L7 attacks ?
H> If Im not wrong , IPS address this field. Different vendors talk about
H> different technologies and methods to prevent these attacks.
H> Eg: Signature Based, Protocol and traffic anomoly detection, Intelligent
H> layer scanning etc.
H> Can any one help me in understanding the different technologies to
H> protect from L7 attacks and what is the best technology to adopt?
H> -harjith
<===========End of original message text===========
--
Best regards,
Adam Pal mailto:pal_adam@gmx.net
