Re: DDOS attack
From:Date: 08/02/02
- Next message: amputee: "Re: under attack, need help !"
- Previous message: Don Grover: "Re: What to use, what to use?"
- In reply to: Sur: "DDOS attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 01 Aug 2002 22:48:41 GMT
"Sur" <zoer@deletethis.newmail.com> wrote in message news:aibb5j$1318rs$1@ID-113520.news.dfncis.de...
> Hi,
>
> Any of you guys know a firewall that can stand DDOS attack on INTRANET (FE
> based)?
> (software / hardware does not matter).
> So far, only 1 firewall appliance that can stand our test lab SYN Attack.
> "Stand" as in service to a resource behind a firewall is still available
> (although slow), BUT it can't BLOCK the packets (it just dropped them).
>
>
> ,Sur
>
>
Uhm.. it depends on the relative force of the attack. Assuming all other
hardware is up to par: eventually, the speed of the processor running the
thing is going to be the final bottleneck. If you have a firewall with a 100MHz
processor, and it can process one packet per cycle, the absolute theoretical
maximum number of packets per second you can handle is 100,000,000. But
we're not even going to assume that conversion is possible.
Obviously the firewalls which do the least amount of processing for said
attacks will perform the best, all other factors (speed of processor/other
hardware, force of attack, type of attack, etc...) not considered. And
really, all of those factors do need to be considered. Some firewalls handle
some types of packets in different ways than others, and most run on
different platforms than others, so I must say that this test really doesn't
demonstrate anything...
amputee
- Next message: amputee: "Re: under attack, need help !"
- Previous message: Don Grover: "Re: What to use, what to use?"
- In reply to: Sur: "DDOS attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
