Re: [fw-wiz] TCP syncookies - firewall or host?

FirewallWizards

[Top] [All Lists]

<prev [Date] next>

<prev [Thread] next>

Re: [fw-wiz] TCP syncookies - firewall or host?

from [Florin Andrei]

[Permanent Link][Original]

To:	Firewall Wizards Security Mailing List <firewall-wizards@listserv.icsalabs.com>
Subject:	Re: [fw-wiz] TCP syncookies - firewall or host?
From:	Florin Andrei <florin@andrei.myip.org>
Date:	Tue, 03 Apr 2007 14:43:26 -0700
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	fwwizards-list2@consult.net
Delivered-to:	firewall-wizards@listserv.cybertrust.com
In-reply-to:	<4612B584.3040208@andrei.myip.org>
List-archive:	<https://listserv.icsalabs.com/pipermail/firewall-wizards>
List-help:	<mailto:firewall-wizards-request@listserv.icsalabs.com?subject=help>
List-id:	Firewall Wizards Security Mailing List <firewall-wizards.listserv.icsalabs.com>
List-post:	<mailto:firewall-wizards@listserv.icsalabs.com>
List-subscribe:	<https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards>, <mailto:firewall-wizards-request@listserv.icsalabs.com?subject=subscribe>
List-unsubscribe:	<https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards>, <mailto:firewall-wizards-request@listserv.icsalabs.com?subject=unsubscribe>
References:	<4612B584.3040208@andrei.myip.org>
Reply-to:	Firewall Wizards Security Mailing List <firewall-wizards@listserv.icsalabs.com>
Sender:	firewall-wizards-bounces@listserv.icsalabs.com
User-agent:	Thunderbird 1.5.0.10 (X11/20070302)

Florin Andrei wrote:
> 
> This sounds like a job for the firewall, but on the other hand all those 
> servers are very fast, there's a lot of them, and usually they're mostly 
> idle. So I'm very tempted to dump that task on the servers.

OTOH, if I let the servers deal with it, wouldn't that fill up resources 
on the firewall real quick during an attack? So in that case, syncookies 
at the firewall level would be better.

I will do some tests to trigger some issues that might occur in real 
life and see how each piece of equipment handles that, but until then 
I'd like to get a second opinion, so that's why I'm asking.

-- 
Florin Andrei

http://florin.myip.org/
_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[fw-wiz] TCP syncookies - firewall or host?, Florin Andrei Re: [fw-wiz] TCP syncookies - firewall or host?, Florin Andrei <= [fw-wiz] Firewall surveyquestion, Steve orca Re: [fw-wiz] TCP syncookies - firewall or host?, rgolodner [fw-wiz] TCP syncookies - firewall or host?, chris mr

Previous by Date:	Re: [fw-wiz] OT? New compromise., Mike Barkett
Next by Date:	[fw-wiz] Firewall surveyquestion, Steve orca
Previous by Thread:	[fw-wiz] TCP syncookies - firewall or host?, Florin Andrei
Next by Thread:	[fw-wiz] Firewall surveyquestion, Steve orca
Indexes:	[Date] [Thread] [Top] [All Lists]