Re: Setting up ADSL?

To: debian-user@lists.debian.org
Subject: Re: Setting up ADSL?
From: ElTino <tinom3@gmail.com>
Date: Wed, 27 Feb 2008 08:34:57 -0800 (PST)
Message-id: <[🔎] 15717117.post@talk.nabble.com>
In-reply-to: <[🔎] ecfa260c0802090111l4784b02dt7bd5243a7f8261c1@mail.gmail.com>
References: <[🔎] ecfa260c0802090111l4784b02dt7bd5243a7f8261c1@mail.gmail.com>

Zach-5 wrote:
> 
> Anyone have a good basic firewall (especially example rules scripts!)
> that I can put up?
> 
> Besides a plain firewall what else can I do to make my machine more
> secure since it will be connected to the outside world nearly 24x7
> from now on.
> 
> Last week one of my friends had their machine ping flooded, they
> couldn't get any packets out and the attacker only stopped after he
> unplugged his router and waited a few hours before reconnecting.
> Questions:
> 
> 1) If this happens to me what should I do to stop the attacker and get
> back online?
> (A quick way to ignore their IP would be good for starters.)
> 
> 2) Why didn't his ISP or even the ISP's upstream provider catch this
> and automatically null route the offender?
> 

We have to mention one very important thing here - a single hardware
appliance like a firewall is not enough! Such devices can cope with small
kind of attacks but when we talk about massive attacks the picture is
totally different. 

One more thing that is worth mentioning is that while companies are gearing
up with security appliances and all most of the perpetrators of DDoS attacks
let's say are also developing and searching for ways to bypass security
devices and appliances.

An attack of a large scale would be kind of difficult to be stopped just
with a single device.

The mitigation and protection from such attacks involves a lot of time,
money and technology as well as professional interaction by security
specialists and analysts.

In case you have a home pc which  is not acting as a server and if you are
not delivering content or services to outside users then you could block the
whole of the incoming traffic.

Block the incoming ports as well.This will not stop you from communicating
out through those ports.

If the case is that you will deliver content or services then you can't
apply the above mentioned. I'd suggest you to make a survey of the companies
that are specializing in DDoS protection and mitigation and choose the one
that best fits your network infrastructure and budget of course.
-- 
View this message in context: http://www.nabble.com/Setting-up-ADSL--tp15369954p15717117.html
Sent from the Debian User mailing list archive at Nabble.com.

Reply to:

References:
- Setting up ADSL?
  - From: Zach <netrek@gmail.com>

Prev by Date: Re: Custom Kernels and 2.6.24
Next by Date: Re: Custom Kernels and 2.6.24
Previous by thread: Re: Setting up ADSL?
Next by thread: Gigabyte M61P-S3 and wild MAC address of ethernet interface
Index(es):
- Date
- Thread