Login or Register to Ask a Question and Join Our Community


IP Networking

Firewall on Teardrop Attack!!!

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums IP Networking Firewall on Teardrop Attack!!!
# 1  
Old 09-18-2010
Firewall on Teardrop Attack!!!
Hi, I am new in managing firewalls though I had significant experience with IP Networking already. I had just encountered time and time again a "Teardrop Attack!" on my firewall logs. Can anybody advise me on what to do or what to check about this message. Searching over the internet does not give me any significant remedy.

Thanking in advance.
# 2  
Old 09-18-2010
OpenBSD's pF is a stateful firewall that can act as a proxy for connections. The connection handshake is validated (with the client) instead of just forwarding the packet on to the destination. It is available for other BSDs as well, also known as a synproxy.

What firewall architecture are you currently using?
# 3  
Old 09-19-2010
I am using a netscreen firewall.
# 4  
Old 09-19-2010
Quote:
Originally Posted by Neo
OpenBSD's pF is a stateful firewall that can act as a proxy for connections. The connection handshake is validated (with the client) instead of just forwarding the packet on to the destination. It is available for other BSDs as well, also known as a synproxy.

What firewall architecture are you currently using?
What does your netscreen firewall documentation say about synflood attacks?

(from my mobile phone...)
# 5  
Old 09-19-2010
I don't have the document since I just inhereted it from the previous guy, but docs available online doesn't say anything.
While on wiki, it says some vulnerabilities on vista which maybe from one of my clients. I just wanted to know more about this type of attack and make sure that none of my clients will be affected nor any of them is the source.
# 6  
Old 09-19-2010
There is not much you can do about serious DDOS attacks with a simple network architecture.

If you aee concerned, you need a stateful fw. Is your firewall capabable of stateful inspection?
This User Gave Thanks to Neo For This Post:
Yenthanh
# 7  
Old 09-19-2010
I am not sure about that, but maybe it is not yet capable at this moment.
Anyways, thanks a lot for your time and for sharing your idea.
Login or Register to Ask a Question

Previous Thread | Next Thread

7 More Discussions You Might Find Interesting

1. Emergency UNIX and Linux Support

DDOS attack please help!

Dear community, my site was recently attacjed by DDOS technique and goes down in a few minutes. My site runs under Debian/Apache2/Mysql. I identified the IPs who attack me and block it through iptable firewall from debian. Something like: iptables -D INPUT -s xxx.xxx.xxx.xxx -j DROP This... (7 Replies)
Discussion started by: Lord Spectre
7 Replies

2. Cybersecurity

UUCP attack?

Is this an attack attempt? I got an e-mail from 'uucp Admin' last night and again this morning: What does it mean and what can I do about it? Thanks (4 Replies)
Discussion started by: ctafret
4 Replies

3. Cybersecurity

Network attack - so what?

In my logs I find entries about attacks on my system. I know IP addresses, I know date and time and I know what they tried to do. So what's the best I can do now? Tell everybody that there are cybercriminals on that network? Write an email to their admin? Anything else? (10 Replies)
Discussion started by: Action
10 Replies

4. Cybersecurity

Found attack from

Hi, I have a belkin router installed and a look at the security log has got me worried a little bit. Security log: Fri Jan 29 20:41:46 2010 =>Found attack from 68.147.232.199. Source port is 58591 and destination port is 12426 which use the TCP protocol. Fri Jan 29 20:41:46 2010 ... (1 Reply)
Discussion started by: jld
1 Replies

5. Cybersecurity

What I think is a DoS attack

About 3 days ago our Apache logs started filling with the following errors: mod_ssl: SSL handshake failed (server <weberver>:443, client 41.235.234.172) (OpenSSL library error follows) OpenSSL: error:1408A0B7:SSL routines:SSL3_GET_CLIENT_HELLO:no ciphers specified These initially were... (1 Reply)
Discussion started by: ccj4467
1 Replies

6. Cybersecurity

Replay Attack

REPLAY ATTACK. Can some one elobrate on measures to encounter this problem of replay atack on network. (3 Replies)
Discussion started by: Ashvin Gaur
3 Replies

7. UNIX for Dummies Questions & Answers

Bruteforce attack on my pc

since putting my pc online, it keeps getting slower and i dig the logfile to have such a surprise: this is just one of a many and I beleived it's a bruteforce attack how do i block this IP 200.41.81.228 from trying to knock my online pc? my system: FreeBSD testing.net 6.2-STABLE-JE... (6 Replies)
Discussion started by: rdns
6 Replies
Login or Register to Ask a Question