Firewall Wizards mailing list archives

Re: Reactive Firewalls

From: Darren Reed <darrenr () cyber com au>
Date: Thu, 12 Feb 1998 09:38:45 +1100 (EST)

In some mail I received from Stout, William, sie wrote


I agree to the extent that I seriously question firewalls that shutdown
during a perceived attack.  I agree that reactive firewalls can be
dangerous, a hacker/cracker finds out what a target responds to, then
manipulates the target by its' reactions.  A reactive firewall makes a
great D.O.S. target.


Whilst feedback may help the hacker, if it shuts down and needs to be
manually rebooted, it also slows down the attack considerably.  There's
also a good chance it will discourage those who are 'trolling' for
insecure sites/firewalls from making a serious attempt to penetrate
your firewall.

Personally, I'd prefer a service that fell victim to D.O.S attacks than
one which could be compromised.

Darren

Current thread:

RE: Reactive Firewalls Stout, William (Feb 10)
- <Possible follow-ups>
- Re: Reactive Firewalls tqbf (Feb 11)
- Re: Reactive Firewalls Darren Reed (Feb 11)
  - Re: Reactive Firewalls John Lines (Feb 12)
  - Re: Reactive Firewalls Rick Smith (Feb 12)
    - Re: Reactive Firewalls Chris Brenton (Feb 13)
    - Re: Reactive Firewalls Rick Smith (Feb 13)
    - Re: Reactive Firewalls Joseph S. D. Yao (Feb 13)
    - Re: Reactive Firewalls Rachel Rosencrantz (Feb 13)
    - Re: Reactive Firewalls Rick Smith (Feb 16)