Security Basics mailing list archives
Re: Diff ways to prevent DoS and DDoS
From: _ <packetnull () gmail com>
Date: Wed, 25 Apr 2012 21:05:51 -0600
to add on this DoS/DDoS/DRDoS are usually based on timing and amount of connections ACL's are a first line of defense. Nasty little buggers they are attackers will try to "deny" service from layers 3 to 7. thats why security folks come up with new fancy terms like NGFW's same thing bonded together On Apr 24, 2012, at 3:58 PM, "David Gillett" <gillettdavid () fhda edu> wrote:
From: Don Thomas [mailto:don.thomasjacob () gmail com] wrote:1st you need to think beyond your network firewalls and ACL on the router.Firewalls and ACL can never stop DoS attacks as they can stop only information you have asked itto stop.Ooops. You've provided no argument that establishes that we cannot ask firewalls or ACLs to block DoS/DDoS attacks.... There *are* two relevant limitations of firewalls and ACLs, but they're not what you suggest here: 1. Firewalls and ACLs effectively classify traffic into three categories: known good, known bad, and unknown. They may have to base this categorization on inadequate information -- for instance, to an ACL there's no easy way to distinguish a simple ping from a ping-of-death. Sometimes the only real difference between legitimate traffic and a DoS/DDoS is the rate of such traffic; ACLs provide no way to specify this, and not all firewalls do either... 2. A firewall or ACL can only act on traffic that reaches the location where it is implemented. In some cases, a DoS/DDoS attack may do its damage before reaching that point. For instance, a trivial brute-force bandwidth consumption attack will probably manage to saturate the ISP connection regardless of whether it is blocked once it arrives at the target's site. Disproof by counterexample: My ACLs block some specific DoS attacks that used to knock us off the Internet routinely. David Gillett, CISSP CCNP ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Diff ways to prevent DoS and DDoS sneha.anand.26 () gmail com (Apr 03)
- Re: Diff ways to prevent DoS and DDoS Thugzclub (Apr 03)
- Re: Diff ways to prevent DoS and DDoS Littlefield, Tyler (Apr 03)
- RE: Diff ways to prevent DoS and DDoS David Gillett (Apr 03)
- Re: Diff ways to prevent DoS and DDoS Littlefield, Tyler (Apr 03)
- Re: Diff ways to prevent DoS and DDoS Todd Haverkos (Apr 03)
- Re: Diff ways to prevent DoS and DDoS Don Thomas (Apr 24)
- RE: Diff ways to prevent DoS and DDoS David Gillett (Apr 24)
- Re: Diff ways to prevent DoS and DDoS _ (Apr 26)
- Re: Diff ways to prevent DoS and DDoS Don Thomas (Apr 26)
- RE: Diff ways to prevent DoS and DDoS David Gillett (Apr 24)
- Re: Diff ways to prevent DoS and DDoS Thugzclub (Apr 03)