Hardware Firewall Denial of Service (DoS) protection

Discussion in 'other firewalls' started by ssj100, Oct 11, 2009.

Thread Status:
Not open for further replies.
  1. ssj100

    ssj100 Guest

    How useful is hardware DoS protection? I just noticed this option is disabled by default for my hardware firewall.
     
  2. Scoobs72

    Scoobs72 Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    1,108
    Location:
    Sofa (left side)
    Probably a bit pointless for two reasons:
    1. How often do individuals get DDOS'ed versus companies?
    2. It's useless against a bandwidth flood attack and unless you got a few hundred Mbit/s of bandwidth you're going down pretty quickly.
     
  3. ssj100

    ssj100 Guest

    Thanks Scoobs. I guess there's no harm in enabling it though right?

    I don't know much about hardware firewalls or firewalls in general for that matter.

    I just found a bit more information about my hardware firewall. Apparently there are three main types of protection:

    DoS Protection:
    1. SYN Flood check
    2. ICMP Redirection check

    Port Scan Protection:
    1. FIN/URG/PSH attack
    2. Xmas Tree Scan
    3. Null Scan attack
    4. SYN/RST attack
    5. SYN/FIN Scan

    Service Filtering:
    1. Ping from WAN
    2. Telnet from WAN
    3. FTP from WAN
    4. DNS from WAN
    5. IKE from WAN
    6. RIP from WAN
    7. DHCP from WAN
    8. ICMP from LAN

    Anyone can clarify each of these and whether it's worthwhile enabling these types of protection? Is there any potential harm enabling any of these options? I'm just curious to try enabling all of these options (except "ICMP from LAN protection") to see if my internet cuts off less often. On average, my internet goes down about 6-10 times a week. It's almost always for a very short time though (as if someone switched off my modem and switch it back on again).

    Thanks for any thoughts guys.
     
  4. Scoobs72

    Scoobs72 Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    1,108
    Location:
    Sofa (left side)
    Probably no issues with enabling it. It's on by default on my router. But it's a bit like flashing lights on a childs toy....doesn't really do anything, just there for show.
     
  5. tipstir

    tipstir Registered Member

    Joined:
    Jun 9, 2008
    Posts:
    830
    Location:
    SFL, USA
    Which router are you using?

    Your Router is equipped with a firewall that will protect your network from a wide array of common hacker attacks including Ping of Death (PoD) and Denial of Service (DoS) attacks. Intrustion Detection, NAT, SPI.
     
  6. ssj100

    ssj100 Guest

    I'm using some cheap D-link router (I forget the model name now, as I'm not at home). I didn't think it had SPI, but it certainly does have NAT.
     
  7. tipstir

    tipstir Registered Member

    Joined:
    Jun 9, 2008
    Posts:
    830
    Location:
    SFL, USA
    Cheap DLINK if you got the DIR series then you have pretty good protection off the bat even with the old DI series also. Most of them have all 3 and some have 5 features for the home. Just enable firewall features. The logs you can look at I just disable them because just takes up too much extra memory that these routers just don't have enough of on those with up-to 16MB where 12MB is being consumed.

    What happens when you run Shields-up are all your ports on your DLINK show up as stealth?
     
  8. ssj100

    ssj100 Guest

    Yes, all show up as stealth, even with no software firewall installed and Windows Firewall disabled.
     
  9. tipstir

    tipstir Registered Member

    Joined:
    Jun 9, 2008
    Posts:
    830
    Location:
    SFL, USA
    Then one layer of your defense working! Now how much more do you need with software wise? See I block all access to IE browser as every pieced of software uses that to phone home outbound traffic. When you uninstall Comodo it like to start IE and bla, bla after that. SRP can stop that from happening.
     
  10. ssj100

    ssj100 Guest

    Yes indeed:

     
Loading...
Thread Status:
Not open for further replies.