Hello,
Quick question. Is there anyone on this list using Corero for DDoS protection? If so I'd much appreciate an off-list review of it. Thanks in advance.
Thanks,
Ragnar Sigurðsson Joensen, rjoensen@synack.fo
Operations, +40799694635
Sp/f Synack | synack@synack.fo | +298 201111
hi
> Quick question. Is there anyone on this list using Corero for DDoS protection? If so I'd much appreciate an off-list review of it. Thanks in advance.
hummm ... just some generic comments when comparing "DDoS protection"

one DDoS solution is NOT necessarily a cost-effective mitigation
against all the various types of DDoS attacks

various types of attacks:

- tcp-based DDoS attacks on any port are best mitigated with
  iptables + tarpits ( in-house appliance could handle up to 100gig/sec )

  the attacking zombie bots should crash long before they can
  affect your servers
  ( 100,000 ddos packets/sec * 2Kbyte/packet * 120sec tcp timeouts )

- udp-based DDoS attacks are best mitigated by confirming that
  your DNS server/app, NTP server/app, SNMP server/app, NFS, X11,
  etc, etc are properly patched and hardened

  your ISP will most likely have to be involved to mitigate
  incoming UDP and ICMP based attacks using various methods
  like flow analysis/collection/mediation, rtbh, bgp, etc