Results 1 to 5 of 5
-
04-27-2010, 06:32 PM #1Junior Guru
- Join Date
- Mar 2005
- Location
- New Jersey
- Posts
- 177
Cisco Firewall to protect from hackers and DDos attacks?
Hi.
I am presently protected by a Cisco firewall and it has worked wonders for protecting me and stopping DDoS attacks.
I was wondering which one of these is better as they are in my budget.
a.) Cisco 1711-VPN/K9
b.) Cisco PIX 501
Can anyone tell me how these two compare to a Cisco PIX 525? I am also looking at the 525.
Thanks in advance for your helP!CHEAPEST Domain Registration, Renewals, & Transfers - Domain Transfers even CHEAPER to win your business! 100% satisfaction guaranteed! For personal support, PM me.
Link Building & SEO Blog
-
04-27-2010, 07:32 PM #2Web Hosting Master
- Join Date
- Aug 2003
- Location
- /dev/null
- Posts
- 2,132
None of the three mentioned will stop a DDoS attack.
-
04-27-2010, 07:37 PM #3Junior Guru
- Join Date
- Mar 2005
- Location
- New Jersey
- Posts
- 177
CHEAPEST Domain Registration, Renewals, & Transfers - Domain Transfers even CHEAPER to win your business! 100% satisfaction guaranteed! For personal support, PM me.
Link Building & SEO Blog
-
04-27-2010, 07:43 PM #4Junior Guru Wannabe
- Join Date
- Apr 2010
- Posts
- 71
The firewall may actually fail before the server, but if there was enough resources on the firewall, it could for example, proxy the TCP connection and not send bogus packets to the server. In your case it's probably only allowing access to the services you are running which is good. Maybe see which device will route the most packets. You may like the device to block ports and setup VPN access.
ActiveHost Corporation - Hyper-V, New York Co-location, VPS, Dedicated & Shared Hosting
Fully Supporting: Windows 2008, ASP.NET 3.5, SQL 2008, Silverlight 3
14 Years in Business with our own multi-million dollar data center
www.activehost.comsales@activehost.com1-888-500-6799
-
04-27-2010, 07:45 PM #5Doh!!
- Join Date
- Jan 2001
- Location
- NJ
- Posts
- 2,343
Firewalls especially the ones you are talking about don't stop DDoS attacks, maybe just straight attacks that can be null routed if the attacker is stupid and just uses one ip and that is a big maybe. But otherwise firewalls are not designed at all in anyway shape or form to stop a DDoS/DoS attack. Some netscreens on the higher levels might have some ability to but when you get into that price range its better to get a stand alone DDoS appliance ala Riorey or a Cisco guard.
The firewalls you are talking about have a MAX packets per/sec which any real "massive" attack will easily clobber and bring the box down, the other thing is they are both 100mbps max uplinks which any real massive attack will clobbber and bring that device down. So either way you loose loose.
Firewalls are designed for primarily one thing, to NAT/Route, and close off unwanted ports and provide logging via syslog to an off device server that someone is attacking this port.Jay
Similar Threads
-
Best Firewall for DDoS Attacks?
By EGS in forum Dedicated ServerReplies: 36Last Post: 03-28-2009, 01:42 PM -
Hackers Admit to Wave of Attacks
By Hiccups in forum Web Hosting LoungeReplies: 9Last Post: 09-09-2005, 03:55 PM -
How to optimize server and protect from DDoS and other attacks...
By mouseattack in forum Hosting Security and TechnologyReplies: 15Last Post: 12-22-2004, 01:19 PM