Re: DDoS protection

["Hartley, Christopher J." <hartley.87 () osu edu>]

This is a little confusing; “cloud”, “on-premise” etc… weird.

By “Cloud,” it seem like we mean “by provider” (makes sense).

On-premise is the best way to detect an attack imo, since the victim network knows what’s good and what’s not (or 
should….).

So I think the best solution involves some kind of remote blackhole or ideally, perhaps flowspec.

I don’t think it’s a problem that requires spending significant money.

Chris

On Jun 19, 2014, at 12:50 PM, Kellstr <kellstr () gmail com> wrote:

> Disclaimer: I work for a company which offers a DDoS Protection Service.
>
> The advantage of a service "in the cloud" is that if an attack exceeds
> your circuit bandwidth the provider will be able to drop the malicious
> traffic. That cannot be done at your premise. Both Arbor and Radware
> offer strong appliances that can clean up smaller attacks at your
> premise and can send a signal to the provider if they support that
> service. You can block traffic using IPS's but keep in mind they are
> not designed for a volumetric attack and may be overwhelmed.
>
> On Wed, Jun 18, 2014 at 11:10 AM, Lance Lassetter
> <lancelassetter () gmail com> wrote:
> > What about Suricata or Snort IDS in IPS mode?
> >
> > On Jun 18, 2014 8:43 AM, "Mikhail A. Utin" <mutin () commonwealthcare org> wrote:
> > > As you indicated " Although we're small, We're an organization playing with ($,¥,€,£) exchanges" you are on client 
> > > side rather than on server. If that is right, you do not need to bother with DDoS protection, which is against 
> > > server side.
> > > Mikhail
> > >
> > > -----Original Message-----
> > > From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of kartik.netec () gmail 
> > > com
> > > Sent: Wednesday, June 18, 2014 12:49 AM
> > > To: security-basics () securityfocus com
> > > Subject: Re: Re: DDoS protection
> > >
> > > Hi,
> > >
> > > Thanks for your replies.
> > >
> > > Noted the points raised by Jacint and Kelly Keeton. I appreciate that.
> > >
> > > May I be kind to seek an opinion/ arguments suggesting if the In-house appliances are more "intelligent" thwarting 
> > > the application level DOS/ DDoS attacks as compared to ISP provided DOS protection wherein it may even fail to 
> > > detect them. or if there are other benefits owning an In-house product?
> > >
> > > As far as Cons are concerned, I feel that the appliance may add some latency which may create issues wherein a 
> > > latency of milliseconds count.
> > >
> > > Although we're small, We're an organization playing with ($,¥,€,£) exchanges and heavily regulated by the 
> > > Government.
> > >
> > > Thanks,
> > > KT
> > >
> > > ------------------------------------------------------------------------
> > > Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL 
> > > and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers 
> > > can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate 
> > > on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient 
> > > ongoing management of your encryption keys and digital certificates.
> > >
> > > http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> > > ------------------------------------------------------------------------
> > >
> > >
> > > CONFIDENTIALITY NOTICE: This email communication and any attachments may contain confidential
> > > and privileged information for the use of the designated recipients named above. If you are
> > > not the intended recipient, you are hereby notified that you have received this communication
> > > in error and that any review, disclosure, dissemination, distribution or copying of it or its
> > > contents is prohibited. If you have received this communication in error, please reply to the
> > > sender immediately or by telephone at (617) 426-0600 and destroy all copies of this communication
> > > and any attachments. For further information regarding Commonwealth Care Alliance's privacy policy,
> > > please visit our Internet web site at http://www.commonwealthcare.org.
>
>
>
> -- 
> Laws alone cannot secure freedom of expression; in order that every
> man present his views without penalty there must be spirit of
> tolerance in the entire population. - Albert Einstein
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
> purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
> set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------