Results 1 to 5 of 5
  1. #1
    Join Date
    Mar 2005
    Location
    New Jersey
    Posts
    177

    Question Cisco Firewall to protect from hackers and DDos attacks?

    Hi.

    I am presently protected by a Cisco firewall and it has worked wonders for protecting me and stopping DDoS attacks.

    I was wondering which one of these is better as they are in my budget.

    a.) Cisco 1711-VPN/K9
    b.) Cisco PIX 501

    Can anyone tell me how these two compare to a Cisco PIX 525? I am also looking at the 525.

    Thanks in advance for your helP!
    CHEAPEST Domain Registration, Renewals, & Transfers - Domain Transfers even CHEAPER to win your business! 100% satisfaction guaranteed! For personal support, PM me.
    Link Building & SEO Blog

  2. #2
    Join Date
    Aug 2003
    Location
    /dev/null
    Posts
    2,132
    None of the three mentioned will stop a DDoS attack.

  3. #3
    Join Date
    Mar 2005
    Location
    New Jersey
    Posts
    177
    Quote Originally Posted by iptelligent View Post
    None of the three mentioned will stop a DDoS attack.
    Yes it will my Cisco PIX already have stopped massive DDoS attacks can someone knowledgeable please help me?
    CHEAPEST Domain Registration, Renewals, & Transfers - Domain Transfers even CHEAPER to win your business! 100% satisfaction guaranteed! For personal support, PM me.
    Link Building & SEO Blog

  4. #4
    The firewall may actually fail before the server, but if there was enough resources on the firewall, it could for example, proxy the TCP connection and not send bogus packets to the server. In your case it's probably only allowing access to the services you are running which is good. Maybe see which device will route the most packets. You may like the device to block ports and setup VPN access.
    ActiveHost Corporation - Hyper-V, New York Co-location, VPS, Dedicated & Shared Hosting
    Fully Supporting: Windows 2008, ASP.NET 3.5, SQL 2008, Silverlight 3
    14 Years in Business with our own multi-million dollar data center
    www.activehost.comsales@activehost.com
    1-888-500-6799

  5. #5
    Quote Originally Posted by EGS View Post
    Yes it will my Cisco PIX already have stopped massive DDoS attacks can someone knowledgeable please help me?
    Firewalls especially the ones you are talking about don't stop DDoS attacks, maybe just straight attacks that can be null routed if the attacker is stupid and just uses one ip and that is a big maybe. But otherwise firewalls are not designed at all in anyway shape or form to stop a DDoS/DoS attack. Some netscreens on the higher levels might have some ability to but when you get into that price range its better to get a stand alone DDoS appliance ala Riorey or a Cisco guard.

    The firewalls you are talking about have a MAX packets per/sec which any real "massive" attack will easily clobber and bring the box down, the other thing is they are both 100mbps max uplinks which any real massive attack will clobbber and bring that device down. So either way you loose loose.

    Firewalls are designed for primarily one thing, to NAT/Route, and close off unwanted ports and provide logging via syslog to an off device server that someone is attacking this port.
    Jay

Similar Threads

  1. Best Firewall for DDoS Attacks?
    By EGS in forum Dedicated Server
    Replies: 36
    Last Post: 03-28-2009, 01:42 PM
  2. Hackers Admit to Wave of Attacks
    By Hiccups in forum Web Hosting Lounge
    Replies: 9
    Last Post: 09-09-2005, 03:55 PM
  3. How to optimize server and protect from DDoS and other attacks...
    By mouseattack in forum Hosting Security and Technology
    Replies: 15
    Last Post: 12-22-2004, 01:19 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •