Re: [fw-wiz] Firewalls that generate new packets..



Darden, Patrick S. wrote:
No offense, but both of you are wrong.
Properly configured, a simple firewall
CAN prevent most DOS attacks.

Sure! It can block most of the current crop. But
there's no way a firewall can prevent a bandwidth
consumption attack. At the very least for the simple
reason that the attack can take place upstream of
the firewall or against the link leading to the firewall.

It's important not to confuse something that can
help against a wide variety of attacks (nothing wrong
with that) with a solution to the problem.

mjr.

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • Re: Hacking to Xp box
    ... I think there was a misunderstanding in the firewall point: ... you need to find some vulnerability that could be exploited to run ... > restricts most of the attacks that use anonymous connections. ... > Audit your website security with Acunetix Web Vulnerability Scanner: ...
    (Pen-Test)
  • Re: Hacking to Xp box
    ... I think there was a misunderstanding in the firewall point: ... you need to find some vulnerability that could be exploited to run ... > restricts most of the attacks that use anonymous connections. ... > Audit your website security with Acunetix Web Vulnerability Scanner: ...
    (Pen-Test)
  • RE: Hacking to Xp box
    ... I think there was a misunderstanding in the firewall point: ... Regarding ICMP backdoors, this technique was first use by some skilled guy ... you need to find some vulnerability that could be exploited to run ... > restricts most of the attacks that use anonymous connections. ...
    (Pen-Test)
  • Re: Hacking to Xp box
    ... I think there was a misunderstanding in the firewall point: ... you need to find some vulnerability that could be ... > restricts most of the attacks that use anonymous connections. ... > Audit your website security with Acunetix Web Vulnerability ...
    (Pen-Test)
  • Re: Can I protect myself against network attacks?
    ... I consider the SP2 PFW "half a firewall", and many I've read say it ... or listening in, and no virus or trojans from a system scan via KAV. ... After all, the attacks did ...
    (comp.security.firewalls)