IDS mailing list archives
RE: Sessions Resource Exhaustion
From: "Nelson Brito" <nbrito () sekure org>
Date: Mon, 15 Oct 2007 15:57:51 -0300
Please read the definition of DoS Attacks. I believe any firewall will be a victim if we setup a test launching the attack in LAB and let the resources tanked.
Sorry, I don't need to read the detailed definition of DoS to know: - You have a 100 Mbps network; - You buy / deploy a 10 Mbps Firewall / IPS; - You DONE!!! You cannot expect your New Beatle has the same horse power of a Ferrari, just like that. That's pure math and doesn't mean you are under DoS attack, it means that you didn't make your home work or didn't have the appropriate budget to protect you assets.
IPS can take care of many of these but an attacker can still modify the packet size and exhaust memory due to large packet size.
Now we are talking about design flaw.
Hence when buying these solutions one need to understand the network architect of their network, available bandwidth and number of session vs. resources calculations to size their firewall and IPS solution. This would create enough cushions for an administrator to react and remedy an attack.
Actually, I have no idea what is you point here... :-D ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- Re: Sessions Resource Exhaustion, (continued)
- Re: Sessions Resource Exhaustion Ravi Chunduru (Oct 15)
- Re: Sessions Resource Exhaustion Rahul K (Oct 16)
- Re: Sessions Resource Exhaustion Ravi Chunduru (Oct 16)
- Re: Sessions Resource Exhaustion Rahul K (Oct 16)
- Re: Sessions Resource Exhaustion Ravi Chunduru (Oct 15)
- Re: Sessions Resource Exhaustion Control Zed (Oct 18)
- Re: Sessions Resource Exhaustion K K (Oct 15)
- RE: Sessions Resource Exhaustion Nelson Brito (Oct 15)
- RE: Sessions Resource Exhaustion Ahsan Khan (Oct 15)
- Re: Sessions Resource Exhaustion Roland Dobbins (Oct 16)
- RE: Sessions Resource Exhaustion Nelson Brito (Oct 16)