firewalls protecting against DOS attacks

Discussion in 'other firewalls' started by hany3, Jan 4, 2008.

Thread Status:
Not open for further replies.
Page 2 of 2
  1. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    If that is the case, then I would suggest that you change your setup.

    As example: I can setup Jetico2 on an untrusted LAN, create 2 ARP rules (for binding of gateway IP/MAC), this then drops all ARP scans from all nodes on the LAN, this also stops the IP used by the PC being scanned directly, so such tools as nmap will show the IP as down.

    L`n`S have also introduced new ARP rules, but I have not had time to setup and check/test this yet.
     
    Stem, Jan 6, 2008
    #26
  2. hany3

    hany3 Registered Member

    Joined:
    Dec 2, 2007
    Posts:
    207
    thanks for your valuable advices , stem i ll try them
    but i have 2 comment on both firewalls that u mentioned above

    jetico have anti arp spoofing , i know that
    but i blame jetico that its popups are much much more
    i tried it before with the latest version
    for example when launching yahoo messenger , it gave me more than 20 pop-ups , even i let it to remember the answer
    it's some what difficult in configuaring this firewall , need more experienced user "like u" to setup the rules
    and also it lack preset rules
    but i know it has powerfull anti leak protection as proved by matousec

    on the other hand
    look'n stop
    i never tried it , and the reason was its weak leak protection "matousec also"

    as i said before
    in any good firewall should have

    good leak protection
    anti spoofing , dos attack protection
    easy configuaration , less pop ups
    does not need high system resources

    i currently use lavasoft firewall 1.0
    have the same outpost engine
    good leak protection
    anti spoofing , anti-DOS
    very light on pc

    in fact i hoped to install outpost 2008
    but i think it still in the alpha stage
    althought agnitum does not want to believe this fact
    it is so buggy
    i as well as other users had hundreds of serious problems with it

    cheers
     
    hany3, Jan 6, 2008
    #27
  3. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    It does not have ARP anti-spoofing. You would need to create ARP rules to filter.
    I did put forward (as did others) during the early beta`s for an option to export/ import ruleset`s, but still this as not been done.
    Some other rulesets have been added for the initial installation, but there are few and not all are fully working correctly
    For me personally, I am tired of the anti-leak within Jetico2, this, although it does past the leak-tests, the implementation is quite bad (IMHO)
    For me, anti-leak software/firewall should block an application attacking, not block the application being attacked.

    Obviously you have still not found one, as you have put forward that you still get DOS
     
    Stem, Jan 7, 2008
    #28
Page 2 of 2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...