I don't need no stinking firewall!
bill from home
bill at kruchas.com
Fri Jan 8 14:02:12 UTC 2010
Roland,
I understand, but at the site we are protecting, at what point is
the bottleneck the connection speed, and at what point is the state
table the bottle neck.
It saves me the following uncomfortable conversation.
ME> Mr customer, remember that firewall you bought a couple of years ago
for $$$$.
Customer> Yes...
ME> We might better throw it out. And then you can pay me to harden your
hosts.
Or I could just re cable, and leave it turned on, they would never know
(just kidding).
And maybe there is no way to tell, but I feel I need to ask the question.
Thanks Bill Kruchas
Dobbins, Roland wrote:
> On Jan 8, 2010, at 8:22 PM, bill from home wrote:
>
>
>> Or as I suspect we are talking about a larger scale?
>>
>
> Even an attacker with relatively moderate resources can succeed simply by creating enough well-formed, programatically-generated traffic to 'crowd out' legitimate traffic.
>
> -----------------------------------------------------------------------
> Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
>
> Injustice is relatively easy to bear; what stings is justice.
>
> -- H.L. Mencken
>
>
>
>
>
More information about the NANOG
mailing list