I don't need no stinking firewall!

bill from home bill at kruchas.com
Fri Jan 8 08:02:12 CST 2010


Roland,
    I understand, but at the site we are protecting, at what point is 
the bottleneck the connection speed, and at what point is the state 
table the bottle neck.
It saves me the following uncomfortable conversation.

ME> Mr customer, remember that firewall you bought a couple of years ago 
for $$$$.
Customer> Yes...
ME> We might better throw it out. And then you can pay me to harden your 
hosts.

Or I could just re cable, and leave it turned on, they would never know 
(just kidding).

And maybe there is no way to tell, but I feel I need to ask the question.

Thanks Bill Kruchas

Dobbins, Roland wrote:
> On Jan 8, 2010, at 8:22 PM, bill from home wrote:
>
>   
>> Or as I suspect we are talking about a larger scale?
>>     
>
> Even an attacker with relatively moderate resources can succeed simply by creating enough well-formed, programatically-generated traffic to 'crowd out' legitimate traffic.
>
> -----------------------------------------------------------------------
> Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
>
>     Injustice is relatively easy to bear; what stings is justice.
>
>                         -- H.L. Mencken
>
>
>
>
>   



More information about the NANOG mailing list