
| Subject: | RE: any recommendable anti-ddos solution? |
|---|---|
| Date: | Mon, 27 Aug 2007 15:55:07 -0700 |

I would use an IDS to monitor traffic in real time like "snort_inline". You can then use signatures to detect certain types of exploits, ddos and such. When it happens it will auto drop, log, and block the connection. No more denial of service attacks from that host =)

For this to work you would set up a transparent bridge between your router and the switch that goes to everything else inside the network. It would then run your inline snort and sniff the data coming across the network. When a signature triggers that you have specified to be blocked, it will do so.

You can also use a front end like base or acid with a mysql backend to visually see people trying to exploit your network. It's a nice IDS solution.

Search google for stuff like snort inline, Acid and snort, base and snort. You will find a lot of tutorials.

Dereck Martin
Network Operations Engineer
PacketDrivers IT Outsourcing, LLC
http://www.packetdrivers.com

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On Behalf Of Monty Ree
Sent: Monday, August 27, 2007 11:52 AM
To: security-basics@securityfocus.com
Subject: any recommendable anti-ddos solution?

Hello, list.

These days our network has been suffering from various ddos attacks (syn flooding, udp flooding...etc). From time to time, ddos traffic is over 2G bps and this makes all network service including firewall and IPS go down..

So is there any recommendable commercial anti-ddos equipment or solution? I have heard about the cisco guard & detector and many say that only this can fight against ddos attack. Right? But it seems that other anti ddos solution comes...

Please recommend commercial anti ddos solution for me.

Thanks in advance...
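
The drop, log and block behaviour described in the reply above, modelled in Python as an added example (it is not code from the post and not Snort's rule engine). The class name, the threshold of 5 SYNs per second and the sample packets are assumptions made for illustration.

```python
from collections import defaultdict, deque

SYN_LIMIT = 5   # assumed threshold: SYNs allowed per source per window
WINDOW = 1.0    # assumed window length in seconds

class InlineFilter:
    """Toy model of an inline sensor on a bridge: every packet gets a verdict."""

    def __init__(self, limit=SYN_LIMIT, window=WINDOW):
        self.limit, self.window = limit, window
        self.recent = defaultdict(deque)  # src -> timestamps of recent SYNs
        self.blocked = set()              # sources whose traffic is now dropped
        self.log = []                     # (time, src, reason) alert records

    def verdict(self, ts, src, flags):
        """Return 'pass' or 'drop' for one packet (time, source IP, TCP flags)."""
        if src in self.blocked:
            return "drop"                 # host already blocked: drop everything
        if flags == "S":                  # bare SYN: count it against the source
            q = self.recent[src]
            q.append(ts)
            while q and ts - q[0] > self.window:
                q.popleft()               # forget SYNs outside the window
            if len(q) > self.limit:       # "signature" triggers
                self.blocked.add(src)
                self.log.append((ts, src, "syn-rate exceeded"))
                return "drop"
        return "pass"

def run(packets, **kw):
    """Feed packets through a fresh filter; return the verdicts and the filter."""
    f = InlineFilter(**kw)
    return [f.verdict(*p) for p in packets], f

# Constructed sample traffic (documentation addresses, not from the post):
# 198.51.100.7 sends 8 SYNs in 70 ms; 192.0.2.10 opens one normal connection.
SAMPLE = [(0.01 * i, "198.51.100.7", "S") for i in range(8)]
SAMPLE += [(0.50, "192.0.2.10", "S"), (0.52, "192.0.2.10", "A"),
           (0.60, "198.51.100.7", "A")]

if __name__ == "__main__":
    verdicts, f = run(SAMPLE)
    for pkt, v in zip(SAMPLE, verdicts):
        print(pkt, v)
    print("blocked:", sorted(f.blocked))
```

Because the state is keyed on source address, this model only acts on a source that individually exceeds the limit.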