-
January 1st, 2002, 12:01 PM
#1
Reverse Firewalls.. A good way to prevent DoS attacks..
Was cruisin' the net looking for some stuff to read, and I stumbled across some stuff on Reverse Firewalls.. was an interesting concept, so I thought I'd share... Enjoy...
Read this vnunet article
If you want more articles, just search for reverse firewalls on
www.google.com
-Matty_Cross
"Isn't sanity just a one trick pony anyway? I mean, all you get is one trick. Rational Thinking.
But when you're good and crazy, hehe, the sky's the limit!!"
-
January 1st, 2002, 09:25 PM
#2
Re: Reverse Firewalls.. A good way to prevent DoS attacks..
Originally posted by Matty Cross
If you want more articles, just search for reverse firewalls on
www.google.com
You don't say.......
A good read though, nonetheless.
-
January 2nd, 2002, 03:52 AM
#3
I probably should've explained that part better.. I meant look for them on google rather than reading the related articles at the bottom.. they weren't very good in my opinion.. (but who really wants that)
-Matty_Cross
"Isn't sanity just a one trick pony anyway? I mean, all you get is one trick. Rational Thinking.
But when you're good and crazy, hehe, the sky's the limit!!"
-
January 2nd, 2002, 03:58 AM
#4
just thought i'd mention that www.infosyssec.com has some good links for anything on firewalls. but you probably knew that. just trying to be helpful.
-
January 10th, 2002, 08:48 PM
#5
reverse stupidity
Sounds like they gave an old dog a new name. It's just a firewall it's not a reverse anything.
I love how people put "reverse" in front of another word and now it means something different.
i.e. reverse discrimination, it's just discrimination.
I've got one. REVERSE STUPIDITY!!!
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
-
January 10th, 2002, 08:56 PM
#6
Well, KorpDeath is somewhat correct. I'm pretty sure that proxy-based firewalls have been able to do this all along, so basically what they are touting is a sort of proxy-firewall without the caching.
Regards,
Wizeman
"It's only arrogance if you can't back it up, otherwise it is confidence." - Me
-
January 10th, 2002, 09:00 PM
#7
Re: Reverse Firewalls.. A good way to prevent DoS attacks..
Originally posted by Matty_Cross
Was cruisin' the net looking for some stuff to read, and I stumbled across some stuff on Reverse Firewalls.. was an interesting concept, so I thought I'd share... Enjoy...
Thanks for good information !
This is interesting and I hope that you continue to share with us what you find about these reverse firewalls :-).
I'm tied up at work.. But if someone finds a software solution with this "reverse firewall" I would be happy to receive the link and then do a thorough test of it :-).
-
January 10th, 2002, 09:41 PM
#8
Senior Member
A better way to do this ...
... is to use a gateway router. For instance, if your ISP doesn't have their router set up to do a rate-limit on ICMP's ... I don't know what to say.
Anyway - yeah, routers have been able to do this for years. But, then, I guess most people don't have a router sitting in their home.
-
February 3rd, 2002, 06:31 PM
#9
Member
Matty, I haven't checked the site out <bah, I hate too much reading>, but I think I got the idea from the title "reverse firewalls". Starting here, I will be talking of personal experience.
The simplest way of blocking DDoS attacks is from their source, if you don't allow too much outbound <that is, ur the ISP in this case>, then the possibilities of a DDoS attack starting from someone behind your network is pretty low <yet, not impossible>. But, what if you're the ISP admin, but the zombie network(s) is outta ur control? Would you say "bullshit, I'm not responsible"? The answer is NO. But what would u do? That is where the part of "reverse" comes up. Reverse means it acts on the other end <not the expected one> and that's how it got its name. Think of this for a while, what if u monitor packet contents for words used in the connection between the master and his zombies? That would keep the attack at its source, eih? That's what they meant by reverse-proxying, and this has been a technique I applied at an ISP I worked for last summer.
Yours,
etsh911
-
February 3rd, 2002, 08:02 PM
#10
Senior Member
The Reverse Firewall works by filtering the outgoing packets from a network. The difference between a legitimate application that uses high bandwidth and a packet flooding attack is that, in the former case, the machine at the other end of the conversation is participating in a two-way conversation. In the case of a DoS attack, the exchange is one sided.
One situation where this concept is useful ... and I've typically used ACLs to control it, is where someone inside my company, like in the accounting department or facilities, wants to "help" me with security and installs Trinux or BigBrother or other "free tools" to monitor resources that they use, that may be across our leased lines or FrameRelay links.....connections that would be otherwise assumed to be "safe". And yet such people don't understand the impact of what they are doing and I get 8000 ICMP requests going out all over the place....then they wonder how I knew!!!! <//quitting now before dammed up emotions erupt>
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-==-=
Noah built the ark BEFORE it rained.
http://ld.net/?rn
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-==-=
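The two-way versus one-sided distinction described in post #10, as an added example that is not part of the original thread or the article it links: a small egress classifier that counts outbound and inbound packets per inside/remote host pair and marks high-volume flows with almost no replies. The log format, the thresholds and all addresses are assumptions constructed for the illustration.

```python
from collections import defaultdict

# Assumed thresholds, chosen for the illustration only.
MIN_OUT_PKTS = 100      # ignore flows too small to matter
MIN_REPLY_RATIO = 0.1   # inbound/outbound below this counts as one-sided
WINDOW_SECONDS = 10     # aggregation window


def build_sample():
    """Constructed egress log: '<second> <out|in> <inside> <remote> <proto>'."""
    lines = []
    # Bulk upload: the remote end answers roughly every second packet.
    for i in range(400):
        lines.append(f"{i % 10} out 10.0.0.5 198.51.100.20 tcp")
        if i % 2 == 0:
            lines.append(f"{i % 10} in 10.0.0.5 198.51.100.20 tcp")
    # ICMP burst: 400 requests leave, only 3 replies come back.
    for i in range(400):
        lines.append(f"{i % 10} out 10.0.0.9 203.0.113.7 icmp")
    lines += ["1 in 10.0.0.9 203.0.113.7 icmp"] * 3
    # A few unanswered lookups: one-sided but far below the volume floor.
    lines += ["2 out 10.0.0.7 192.0.2.53 udp"] * 5
    return lines


def classify(lines):
    """Return {(window, inside, remote): 'throttle' | 'pass'}."""
    counts = defaultdict(lambda: [0, 0])  # key -> [outbound, inbound]
    for line in lines:
        sec, direction, inside, remote, _proto = line.split()
        key = (int(sec) // WINDOW_SECONDS, inside, remote)
        counts[key][0 if direction == "out" else 1] += 1

    verdicts = {}
    for key, (out_pkts, in_pkts) in counts.items():
        ratio = in_pkts / out_pkts if out_pkts else float("inf")
        one_sided = out_pkts >= MIN_OUT_PKTS and ratio < MIN_REPLY_RATIO
        verdicts[key] = "throttle" if one_sided else "pass"
    return verdicts


def throttled_pairs(lines):
    """Sorted (inside, remote) pairs whose outbound traffic is one-sided."""
    return sorted({(k[1], k[2]) for k, v in classify(lines).items() if v == "throttle"})


if __name__ == "__main__":
    for pair in throttled_pairs(build_sample()):
        print("one-sided outbound flow:", pair)
```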