Security Basics mailing list archives
Re: any recommendable anti-ddos solution?
From: "Carlos Silva" <carlosmiguel.silva () gmail com>
Date: Wed, 29 Aug 2007 10:58:32 +0100
Dereck, your solution will work fine if only a couple of hosts are doing the attack. But 2GB of traffic are certainly hundreds, or maybe thousands, of hosts deploying the attack. Nevertheless the problem isn't the IDS located in the destination of the attacks. The problem is: how will we manage 2GB of traffic arriving on our internet links??? It's easy, we can't!!! Only our ISP's will have the possibility to detect and block that traffic. Cisco Guard is a very good solution for that! I, personally, would like to know other solutions, commercial or free (if any). Best regards, Carlos Silva On 8/28/07, Brett Kennedy <Brett.Kennedy () caseware com> wrote:
Why do you specifically want a commercial solution? Brett -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of theog Sent: August 28, 2007 8:14 AM To: 'Monty Ree'; security-basics () securityfocus com Subject: RE: any recommendable anti-ddos solution? Well DDOS attacks usually have something behind them , try to find out the reason for it if there is one for example, do u have a web server on your DMZ?, an FTP server? What is the nature of the attack? There are various solutions, non of them will give you 100% effect of avoiding a DDOS attack depending on the nature of your attack you can choose the way to reduce its impact, for example hosting your web server elsewhere of using NGP with an additional ISP and a load balancer here is a nice document regarding BGP and DDOS http://staff.science.uva.nl/~delaat/snb-2004-2005/p27/report.pdf Enjoy... ;) Liran Cohen RCT Internet solutions. http://dir.rct.co.il http://www.rct.co.il -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Monty Ree Sent: Monday, August 27, 2007 6:52 PM To: security-basics () securityfocus com Subject: any recommendable anti-ddos solution? Hello, list. These days our network has been suffering from various ddos attack(syn flooding, udp flooding...etc). from time to time, ddos traffic is over 2G bps and this makes all network service including firewall and IPS go down.. So is there any recommendable commercial anti-ddos equipment or solution? I have heard about the cisco guard & detector and many say that only this can fight against ddos attack. right? But it seems that other anti ddos solution comes... Please recommend commercial anti ddos solution for me. Thanks in advance... _________________________________________________________________ 편리한 웹하드가 최대 1G 까지 무료! http://im.msn.co.kr/new/function/function_02_11.asp
Current thread:
- any recommendable anti-ddos solution? Monty Ree (Aug 27)
- RE: any recommendable anti-ddos solution? theog (Aug 28)
- RE: any recommendable anti-ddos solution? Brett Kennedy (Aug 28)
- Re: any recommendable anti-ddos solution? Carlos Silva (Aug 29)
- RE: any recommendable anti-ddos solution? Brett Kennedy (Aug 28)
- RE: any recommendable anti-ddos solution? Dereck Martin (Aug 28)
- RE: any recommendable anti-ddos solution? Vijay K (Aug 29)
- RE: any recommendable anti-ddos solution? theog (Aug 29)
- <Possible follow-ups>
- Re: any recommendable anti-ddos solution? coleman . ryan (Aug 29)
- Re: any recommendable anti-ddos solution? mamba . m (Aug 31)
- RE: any recommendable anti-ddos solution? theog (Aug 28)