Home | Blog | Software | Reviews and Features | Forum | Help | Donate | About us
topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • December 02, 2016, 02:02:59 PM
  • Proudly celebrating 10 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Firewalls in front of servers make DDOS attacks worse ?  (Read 1261 times)

SKA

  • Charter Member
  • Joined in 2006
  • ***
  • default avatar
  • Posts: 223
    • View Profile
    • Donate to Member
« Last Edit: February 02, 2011, 03:07:20 AM by SKA »

Curt

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 7,089
    • View Profile
    • Donate to Member
Re: Firewalls in front of servers make DDOS attacks worse ?
« Reply #1 on: February 02, 2011, 04:57:29 AM »
some may fail to notice "page 2" of your second link, like I did at first:

Quote from: page 2
CoreIT
by Kevin Fogarty
Security
Just say No to DDOS attacks - Page 2

There are plenty of resources out there with instructions on how to defend against a DDOS attack, rather than just outlasting them.

Ultimately a bot-net made up of thousands of machines will be able to outwork any router or firewall you put on the edge, if you don't make it smart enough not to be fooled by what amount to millions of prank phone calls.

The big risks are not the current ones, however.

Attacks on DNS networks and mobile networks -- both of which are often left unprotected by end-user companies that assume their service providers can take care of it -- are both extremely vulnerable, the report found.

There really are no ready made defences for that, at least on the mobile front, largely because security and management tools are not advanced enough to provide the kind of visibility in them that are taken for granted on wired networks, the report found.

-------------
Kevin Fogarty writes about enterprise IT for ITworld. Follow him on Twitter @KevinFogarty.

Sign up for ITworld's Daily newsletter

Did this actually say that security staff in cell/mobile phone companies have no understanding of what security procedures/techs are needed?  :tellme:  :-\

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,220
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: Firewalls in front of servers make DDOS attacks worse ?
« Reply #2 on: February 02, 2011, 05:32:06 AM »
some may fail to notice "page 2" of your second link, like I did at first:

Did this actually say that security staff in cell/mobile phone companies have no understanding of what security procedures/techs are needed?  :tellme:  :-\

No. I don't think so.

Quote
Attacks on DNS networks and mobile networks -- both of which are often left unprotected by end-user companies that assume their service providers can take care of it -- are both extremely vulnerable, the report found.

There really are no ready made defenses for that, at least on the mobile front, largely because security and management tools are not advanced enough to provide the kind of visibility in them that are taken for granted on wired networks, the report found.

Did I miss something?

I think he's saying that the tools available aren't able to help.
Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,294
    • View Profile
    • www.StoicJoker.com
    • Donate to Member
Re: Firewalls in front of servers make DDOS attacks worse ?
« Reply #3 on: February 02, 2011, 07:29:14 AM »
Quote from: bottom page 1 2nd article
Half of all respondents in 2010 reported a failure due to DDOS, which could have been avoided with either more selective router configuration or by adding a layer of security at the edge of the network that can shed bogus DDOS or other unauthorized traffic before it gets to the firewalls.

So... Now "we" need a firewall for the firewall? This almost sounds like they're trying to conjure up the electronic version of the safest way to get shot in the face.