Firewall Wizards mailing list archives
Re: Ddos prevention tools...
From: <black () galaxy silvren com>
Date: Tue, 3 Jul 2001 17:25:17 -0400 (EDT)
I'm a little skeptical on stopping DDOS attacks. The only "real" way to stop them is to prevent the traffic at the original source. So you use your firewall to block berserk HTTP requests heading for your web server on a DMZ. That's great. But you still have a huge hunk of bandwidth being wasted as the requests continue to pour in. What happens if you're being smurfed? Filtering at your firewall in this case does absolutely nothing. Your external links are still saturated. If your sink gets plugged, sure you can shut off the water so it doesn't overflow, but you still can't use it. I guess every little bit helps, but we need to consider if that's really an effective solution. On Mon, 2 Jul 2001, Nimesh vakharia wrote:
Has anyone had a chance to evaluate the new Ddos prevention tools from Captus Networks and Mazu... Their entire product lines seems to revolve around the fact that it can stop Ddos attacks. I am curious as to how they address the false positive rate issue... If they drop/rate limit traffic rates that looks like a DDos it better be a Ddos... I wonder what kind of algorithms they use... Nimesh. _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Need to duplicate messages under smap 2.1 Michael C. Ibarra (Jul 02)
- Ddos prevention tools... Nimesh vakharia (Jul 03)
- Re: Ddos prevention tools... black (Jul 05)
- <Possible follow-ups>
- Re: Need to duplicate messages under smap 2.1 Antonomasia (Jul 03)
- Ddos prevention tools... Nimesh vakharia (Jul 03)