[Derek D. Martin: Tue, Nov 06, 2001 at 12:59:18PM -0500]
> It seems to me you're completely missing my point. If my network is
> overloaded, it doesn't matter whether it's with HTTP packets, ICMP

I 'missed your point' because it is a non sequitur from the one that was asked. Apparently calling folks you'd never met or interacted with "stupid and/or lazy" didn't leave you enough time to read the actual question:

"getting hit. Even though they are not vulnerable, the actual load from the Code Red/Nimda traffic is so high that it is causing noticeable slowdowns on those portions of our site that use those servers."

It's a server problem. The problem is not shared on other portions of the site that are already filtered via load balancer. (The LB is an application-layer solution, btw.) I read the question.

As far as routers being firewalls, that's just folly meant to be argumentative. You said "Granted, they usually have a good bit of software dedicated to the task which the average router doesn't, but what's the difference?" In the context of an ISP's router (again, the topic at hand), there's a big difference and I told you what it was.

And in case it still isn't clear, NBAR still lets a significant portion of the flow through anyhow (the syn/syn-ack/ack), which is probably 35% of the total data flow, and it causes full connection tables that applications will hate and will result in port number exhaustion for the kernel.
BLU is a member of BostonUserGroups.
We also thank MIT for the use of their facilities.