* Home Help Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
Sunday 16 June 2024, 11:40:02 pm

Login with username, password and session length

Visit the Official Endian Bug tracker  HERE
14247 Posts in 4376 Topics by 6500 Members
Latest Member: franz
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  DOS Attack on Endian 2.5.1 from GREEN		 0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: DOS Attack on Endian 2.5.1 from GREEN  (Read 9660 times)
scp
Full Member
***
Offline Offline

Posts: 16
« on: Tuesday 29 May 2012, 04:15:03 pm »
During evaluation of Endian 2.5.1 I've tried to start a DOS attack on the firewall from a computer situated on the GREEN network side using LOIC [Low Orbit Ion Cannon].

Endian is not blocking the traffic from the computer. I get a nearly full processor load on all eight cores. Isn't there a DOS protection, which blocks such traffic. Whe I compare this to Sophos UTM software: Sophos UTM automatically blocks traffic from a computer, when a DOS attack is launched.
Logged
mrkroket
Hero Member
*****
Offline Offline

Posts: 495
« Reply #1 on: Wednesday 30 May 2012, 04:28:46 am »
Did you enabled IPS/snort?
Did you changed the dos rules to block instead of warning? (red shield icon)
Did you check the Intrusion Prevention logs?

If you did all these, unfortunately snort default rules doesn't block LOIC attacks, you must create your custom SNORT rules:
http://.spiderlabs.com/2011/01/loic-ddos-analysis-and-detection.html
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.047 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com