Author Topic: Firewalls in front of servers make DDOS attacks worse ? (Read 3473 times)

SKA · « **on:** February 02, 2011, 02:20 AM »

very curious articles & comments:

http://www.itworld.c...rewalls-report-finds

http://www.itworld.c...-say-no-ddos-attacks

SKA

Curt · « **Reply #1 on:** February 02, 2011, 04:57 AM »

some may fail to notice "page 2" of your second link, like I did at first:

CoreIT
by Kevin Fogarty
Security
Just say No to DDOS attacks - Page 2

There are plenty of resources out there with instructions on how to defend against a DDOS attack, rather than just outlasting them.

Ultimately a bot-net made up of thousands of machines will be able to outwork any router or firewall you put on the edge, if you don't make it smart enough not to be fooled by what amount to millions of prank phone calls.

The big risks are not the current ones, however.

Attacks on DNS networks and mobile networks -- both of which are often left unprotected by end-user companies that assume their service providers can take care of it -- are both extremely vulnerable, the report found.

There really are no ready made defences for that, at least on the mobile front, largely because security and management tools are not advanced enough to provide the kind of visibility in them that are taken for granted on wired networks, the report found.

-------------
Kevin Fogarty writes about enterprise IT for ITworld. Follow him on Twitter @KevinFogarty.

Sign up for ITworld's Daily newsletter
-page 2

Did this actually say that security staff in cell/mobile phone companies have no understanding of what security procedures/techs are needed?

$:-\$

Renegade · « **Reply #2 on:** February 02, 2011, 05:32 AM »

some may fail to notice "page 2" of your second link, like I did at first:

Did this actually say that security staff in cell/mobile phone companies have no understanding of what security procedures/techs are needed? $:-\$
-Curt (February 02, 2011, 04:57 AM)

No. I don't think so.

Attacks on DNS networks and mobile networks -- both of which are often left unprotected by end-user companies that assume their service providers can take care of it -- are both extremely vulnerable, the report found.

There really are no ready made defenses for that, at least on the mobile front, largely because security and management tools are not advanced enough to provide the kind of visibility in them that are taken for granted on wired networks, the report found.

Did I miss something?

I think he's saying that the tools available aren't able to help.

Stoic Joker · « **Reply #3 on:** February 02, 2011, 07:29 AM »

Half of all respondents in 2010 reported a failure due to DDOS, which could have been avoided with either more selective router configuration or by adding a layer of security at the edge of the network that can shed bogus DDOS or other unauthorized traffic before it gets to the firewalls.
-bottom page 1 2nd article

So... Now "we" need a firewall for the firewall? This almost sounds like they're trying to conjure up the electronic version of the safest way to get shot in the face.

Author Topic: Firewalls in front of servers make DDOS attacks worse ? (Read 3473 times)

SKA

Firewalls in front of servers make DDOS attacks worse ?

Curt

Re: Firewalls in front of servers make DDOS attacks worse ?

Renegade

Re: Firewalls in front of servers make DDOS attacks worse ?

Stoic Joker

Re: Firewalls in front of servers make DDOS attacks worse ?