Security Basics mailing list archives

RE: No NetBios share + No Open Port = Safe Win98?


From: "David Gillett" <gillettdavid () fhda edu>
Date: Thu, 28 Sep 2006 09:54:22 -0700

> Huh? A DDoS usually means that someone tries to consume the 
> entire bandwidth of your uplink. How could any kind of 
> firewall mitigate that?
> AFAICS this can only be handled upstream by your provider and 
> his peers.

  A DoS -- distributed or otherwise -- usually relies on the 
attacker exhausting some resource.  Bandwidth is a popular choice,
perhaps partly because (as you say) it's hard to mitigate locally,
and partly because it's just really really simple.

  But there *are* other choices, such as a SYN flood which exhausts
session table entries.  Many perimeter security devices now attempt,
with varying degrees of success, to mitigate SYN flood attacks.  And
as additional DDoS methods become common, some of them may also be
amenable to local mitigation.

David Gillett
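
The session-table exhaustion described in the reply above, and one way a device can mitigate it locally, as an added example that is not part of the original post. It assumes a simplified SYN-cookie scheme (a technique the post does not name); the `Device` class, secret, table size, timeout and addresses are all constructed for illustration.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-secret"  # hypothetical per-device key

def cookie(src, sport, now):
    """Simplified SYN cookie: MAC over the client address and a 64 s time slot."""
    msg = f"{src}:{sport}:{now // 64}".encode()
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:4], "big")

class Device:
    """Toy perimeter device with a fixed-size table of half-open sessions."""
    def __init__(self, capacity, timeout, use_cookies):
        self.capacity, self.timeout, self.use_cookies = capacity, timeout, use_cookies
        self.half_open = {}        # (src, sport) -> arrival time of the SYN
        self.established = set()

    def _expire(self, now):
        self.half_open = {k: t for k, t in self.half_open.items()
                          if now - t < self.timeout}

    def syn(self, src, sport, now):
        """Return the SYN-ACK sequence number, or None if the SYN is dropped."""
        if self.use_cookies:
            return cookie(src, sport, now)   # nothing stored until the ACK
        self._expire(now)
        if len(self.half_open) >= self.capacity:
            return None                      # session table exhausted
        self.half_open[(src, sport)] = now
        return 0

    def ack(self, src, sport, value, now):
        """Complete the handshake; only now does cookie mode allocate state."""
        if self.use_cookies:
            ok = value in (cookie(src, sport, now), cookie(src, sport, now - 64))
        else:
            self._expire(now)
            ok = self.half_open.pop((src, sport), None) is not None
        if ok:
            self.established.add((src, sport))
        return ok

def simulate(use_cookies, legit_at=1, flood=1000, capacity=128, timeout=30):
    """Flood at t=0 with SYNs that are never ACKed, then one real client."""
    dev = Device(capacity, timeout, use_cookies)
    for i in range(flood):                   # constructed documentation addresses
        dev.syn(f"198.51.100.{i % 250}", 1024 + i, 0)
    seq = dev.syn("192.0.2.10", 40000, legit_at)
    served = seq is not None and dev.ack("192.0.2.10", 40000, seq, legit_at + 1)
    return served, len(dev.half_open)
```

With state allocated on every SYN, the table fills and the real client is refused until the half-open entries time out; with cookies the table stays empty and the client is served. Neither variant helps when the uplink itself is saturated.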


