Bad firewall practice helps DDoS attacks


Recommended Posts

Bad firewall practice helps DDoS attacks

Firewalls and IPS put in wrong place on networks

John E Dunn

During 2010, nearly half of all respondents had experienced a failure of their firewall or IPS due to DDoS, something that could have been avoided in many cases using better router security configuration.

"They [firewalls] should not be placed in front of servers. Folks do it because they have been programmed to do it," says Arbor's solutions architect, Roland Dobbins. In many cases, these devices became immediate bottlenecks in the face of DDoS, achieving the attackers' aims with ease.

Firewalls and IPS were fine for LANs where they filtered outgoing traffic, but turned into obvious points of failure when used as a barrier to protect servers receiving large volumes of inbound packets, he says.

One thing that is clear form Arbor's report is that DDoS size will go on increasing, fed ironically by increased investment in defences against DDoS generally. Rather like the growth in spam after the advent of efficient filtering, better defences force attackers to up their game, throwing more and more traffic at targets in the hope of having some effect.

An interesting blind spot suggested by Arbor could be mobile networks, which Dobbins describes as being almost "accidental ISPs."

Read full story - http://www.pcadvisor...wsid=3258932

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...