This is a discussion on Denial of Service (flooding) protection - Network ; My server constantly gets hit by attacks and floods and we just recently installed a snort box on redhat linux 7.3 and a cisco pix firewall. Well every now and than we get flooded and if we try doing a ...
My server constantly gets hit by attacks and floods and we just
recently installed a snort box on redhat linux 7.3 and a cisco pix
firewall. Well every now and than we get flooded and if we try doing
a SYN flood on ourselves we see our firewall go down and our snort box
does nothing but tell us alerts. Over a 100mbit switch running syn
flood attacks and udp flood attacks we rebooted the cisco 8 times in
Well we are not impressed especially for the money we spent on it. We
have been looking at other appliance solutions to solve this and are
having a hard time finding something affordable that actually works.
Here is what we have looked at so far and what we think:
Top Layer 'IP Mitigater' = exactly what we want but.... pretty big
price tag starts at $7000. Probably a bit overkill for our server
farm. Also these guys seemed to dissapear I think they are going out
of business or something.
Melior inc. 'iSecure' = sounds good but they don't have enough info on
their website. one of their sales guys called us back and said it
completes the three way handshake to defeat syn floods, I told them to
prove it and they said try nmaping their website www.ddos.com. Hrmm
interesting. Still a bit pricey but nice lookin box.
And I guess the other guys we have seen are rehashes of what the Cisco
pix is doing or shall I say no doing either that or they require
deployment of software
at the router level which we cannot touch our border router it is
owned and maintained by our ISP.
So that said has anyone looked at Top Layer, Melior or found and new
technology or company providing a similar product that WORKS!
Thanks in advance,