Results 1 to 10 of 10

Thread: Reverse Firewalls.. A good way to prevent DoS attacks..

  1. #1
    Senior Member
    Join Date
    Sep 2001
    Posts
    831

    Reverse Firewalls.. A good way to prevent DoS attacks..

    Was cruisin' the net looking for some stuff to read, and I stumbled across some stuff on Reverse Firewalls.. was an interesting concept, so I thought I'd share... Enjoy...

    Read this vnunet article

    If you want more articles, just search for reverse firewalls on
    www.google.com
    -Matty_Cross
    \"Isn\'t sanity just a one trick pony anyway? I mean, all you get is one trick. Rational Thinking.
    But when you\'re good and crazy, hehe, the skies the limit!!\"

  2. #2

    Re: Reverse Firewalls.. A good way to prevent DoS attacks..

    Originally posted by Matty Cross


    If you want more articles, just search for reverse firewalls on
    www.google.com

    You don't say.......




    A good read though, nonetheless.

  3. #3
    Senior Member
    Join Date
    Sep 2001
    Posts
    831
    I probably should've explained that part better.. I meant look for them on google rather then reading the related articles at the bottom.. they weren't very good in my opinion.. (but who really wants that)
    -Matty_Cross
    \"Isn\'t sanity just a one trick pony anyway? I mean, all you get is one trick. Rational Thinking.
    But when you\'re good and crazy, hehe, the skies the limit!!\"

  4. #4
    Senior Member
    Join Date
    Dec 2001
    Posts
    319
    just thought i'd mention that www.infosyssec.com has some good links for anything on firewalls. but you probably knew that. just trying to be helpful.

  5. #5
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Posts
    2,628

    Red face reverse stupidity

    Sounds like they gave an old dog a new name. It's just a firewall it's not a reverse anything.

    I love how people put "reverse" in front of another word and now it means something different.

    i.e reverse discrimination, it's just discrimination.

    I've got one. REVERSE STUPIDITY!!!
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  6. #6
    Senior Member
    Join Date
    Jul 2001
    Posts
    143
    Well, KorpDeath is somewhat correct. I'm pretty sure that proxy-based firewalls have been able to do this all along, so basically what they are touting is a sort of proxy-firewall without the caching.

    Regards,
    Wizeman
    \"It\'s only arrogrance if you can\'t back it up, otherwise it is confidence.\" - Me

  7. #7
    Senior Member
    Join Date
    Nov 2001
    Posts
    742

    Re: Reverse Firewalls.. A good way to prevent DoS attacks..

    Originally posted by Matty_Cross
    Was cruisin' the net looking for some stuff to read, and I stumbled across some stuff on Reverse Firewalls.. was an interesting concept, so I thought I'd share... Enjoy...
    Thanks for good information !

    This is interesting and I hope that you continues to share with us what you finds about this reversed firewalls :-).

    I'm tied up at work.. But if someone finds a software solution with this "reverse firewall" would I be happy to recieve the link and then do a thorough test of it :-).

  8. #8
    Senior Member
    Join Date
    Jan 2002
    Posts
    132

    A better way to do this ...

    ... is to use a gateway router. For instance, if your ISP doesn't have their router set up to do a rate-limit on ICMP's ... I don't know what to say.

    Anyway - yeah, routers have been able to do this for years. But, then, I guess most people don't have a router sitting in their home.

  9. #9
    Matty, I haven't checked the site out <bah, I hate too much reading >, but I think I got the idea from the title "reverse firewalls". Starting here, I will be talking of personal experience

    The simplest way of blocking DDoS attacks is from their source, if you don't allow too much outbound < that is, ur the ISP in this case>, teh the possibilities of a DDoS attack starting from someone behind your network is pretty low <yet, not impossible>. But, what if your the ISP admin. but the zombie network(s) is outta ur control? would you say "bullshit, I'm not responsible"? The answer is NO. But what would u do? that is where the part of "reverse" comes-up, Reverse means it acts on the other-end <not the expected one> and that's how it got it's name. Think of this for a while, what if u monitor packet contents for words used in the connection between the master and his zombies? That would keep the attack at its source, eih? That's what they meant by reverse-proxying, and this has been a technique I applied at an ISP I workeds for last summer .

    Yours,
    etsh911

  10. #10
    Senior Member
    Join Date
    Nov 2001
    Posts
    157
    The Reverse Firewall works by filtering the outgoing packets from a network. The difference between a legitimate application that uses high bandwidth and a packet flooding attack is that, in the former case, the machine at the other end of the conversation is participating in a two-way conversation. In the case of a DoS attack, the exchange is one sided.
    One situation where this concept is useful ... and I've typically used ACLs to control it, is where someone inside my company, like in the accounting department or facilities, wants to "help" me with security and installs Trinux or BigBrother or other "free tools" to monitor resources that they use, that may be accross our leased lines or FrameRelay links.....connections that would be otherwise assumed to be "safe". And yet such people don't understand the impact of what they are doing and I get 8000 ICMP requests going out all over the place....then they wonder how I knew!!!! <//quitting now before damed up emotions erupt>
    =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-==-=
    Noah built the ark BEFORE it rained.


    http://ld.net/?rn
    =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-==-=

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •