If you set the timeout to less than 3 seconds, the system would be blocking everything including legitimate connection. The solution will be to increase the cache size.
On 12/16/05, FinAckSyn <[EMAIL PROTECTED]> wrote: > Hi Avi, > > The big problem I had with RadWare DefensePro (this > was about a year ago), was that I couldn't set the SYN > cache timeout to anything less than 3 seconds. As the > cache could only hold 64,000 SYNs, any SYN Flood > larger than 64,000/3 = 21,333 SYN/s would completely > fill the cache. > This spelt disaster every time a SYN flood hit the > network, as invalid SYNs filled up the cache, leaving > no space for new, legitimate connections to be setup. > True, the SYN Flood was mitigated, but at the expense > of any new connections (existing ones were preserved), > which is generally bad if you're dealing with critical > applications and web presences. > I would love to hear from RadWare as to whether or not > this limitation has actually being fixed, and if it > has, how their new technology now fares against the > more mature mitigation products such as TopLayer and > Riverhead. > > Rgds, > > Matt > > --- avi chesla <[EMAIL PROTECTED]> wrote: > > > Hi, You shoould also consider Rdaware's DefensePro > > with their new behavioral > > based DDoS protection. > > > > Avi > > > > > > >From: Devdas Bhagat <[EMAIL PROTECTED]> > > >Reply-To: Devdas Bhagat <[EMAIL PROTECTED]> > > >To: [email protected] > > >Subject: Re: Denial of Service: Commercial Defense > > products > > >Date: Thu, 24 Nov 2005 21:59:41 +0530 > > > > > >On 22/11/05 16:43 +0700, Ogle wrote: > > > > Hi, > > > > I have an ISP customer who want to protect their > > network and their > > > > subscriber's network. > > > > In "Internet Denial of Service: Attack and > > Defense Mecahnisms" book, I > > > > noticed 7 commercial products. > > > > 1. Mazu Enforcer by Mazu Networks > > > > 2. Peakflow by Arbor Networks > > > > 3. WS Series Apliances by Webscreen Technologies > > > > 4. Captus IPS by Captus Networks > > > > 5. MANAnet Shield by CS3 > > > > 6. Cisco Traffic Anomaly Detector XT and Cisco > > Guard XT > > > > 7. StealthWatch by Lancope > > > > > > > > Since I'm new with this type of products, is > > there any reference out > > > > there to help me choose the right solution to my > > customer ? > > > > Is there any problem if I use IPS (ie: > > TippingPoint, McAfee) for this > > >solution ? > > > > > >What kind of DoS? Is this a simple packet flooding > > choking the pipe? Is > > >this an application layer attack? Syn floods? > > Physical damage to links? > > > > > >Devdas Bhagat > > > > > > >------------------------------------------------------------------------ > > >Test Your IDS > > > > > >Is your IDS deployed correctly? > > >Find out quickly and easily by testing it > > >with real-world attacks from CORE IMPACT. > > >Go to > > > http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 > > >to learn more. > > > >------------------------------------------------------------------------ > > > > > > > > _________________________________________________________________ > > Express yourself instantly with MSN Messenger! > > Download today it's FREE! > > > http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ > > > > > > > ------------------------------------------------------------------------ > > Test Your IDS > > > > Is your IDS deployed correctly? > > Find out quickly and easily by testing it > > with real-world attacks from CORE IMPACT. > > Go to > > > http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 > > > > to learn more. > > > ------------------------------------------------------------------------ > > > > > > > > > ___________________________________________________________ > To help you stay safe and secure online, we've developed the all new Yahoo! > Security Centre. http://uk.security.yahoo.com > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 > to learn more. > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
