|
![](/i/fill.gif) |
>> So how do you prevent somebody connecting to your server a thousand
>> times per second and feeding it duff credentials, thereby preventing any
>> legitimate users logging in, and wasting lots of CPU power?
>>
>> See, security isn't so simple...
>>
>
> by having a real firewall (such as the aforementioned Cisco ASA)
> configured to throttle individual connections. ;)
I'm sorry, I thought we were still talking about "why the average home
user can't easily send a file to another average home user". :-) I doubt
many home users will pay hundreds of pounds for a Cisco ASA and spend
god-knows how long learning what "tee sea pee eye pee" is in order to
set this up.
> Now the /b/tard in question would have to use zombie PCs to do his DOS
> against your machine.
Yeah, because none of the script kiddies have figured out how to do
that. ;-)
Then again, if somebody decides to DDoS you, it doesn't matter if you
have *no* ports exposed to the Internet... You still get no service.
Sometimes I think it would be nice if there was a widely-supported
standard for configuring the firewall at the /other end/ of the last
mile to drop certain packets. But anyway...
Post a reply to this message
|
![](/i/fill.gif) |