Yogesh Chauhan's Blog

Can Firewall and IDPS Stop DDoS Attack?

in Miscellaneous on January 23, 2020

Firewalls and IDPS solutions are not foolproof to attacks

We can’t just rely on firewall and IDPS only and assume that everything is safe. The firewall will not work alone no matter the brand or design of the firewall. We need to understand that it’s simply just a tool in many tools of security.

The firewalls and IDPS can’t handle DDoS attacks and the reason is they are not designed to do so.

Firewalls and IDPS focus on examining as well as preventing (in some cases) one packet at a time but if an attacker sends millions of packets in a small-time frame then they won’t be able to do anything.

Why not?

Firewall and IDPS are stateful devices in which they track all the connections ad packets and inspect them and store them in a connection table. Now, they match each and every packet in the connection table and verify that it was transmitted over secured connection and the packet is legitimate. They do the same process for all the packets.

Now a typical connection table hold tens of thousands of those active connections. When an attacker sends thousands of packets per second, the firewall or IDPS will be forced to open a new connection table as the packets won’t have a record in the current connection table. They will try to store all those malicious packets in new connection and will keep doing that until it gets full and at the end, they will be out of their capacity to open a new connection. So, they will block everything on their way-even the legitimate users and their packets.

Firewall and IDPS can’t differentiate between legitimate and malicious packets

Many DDoS attack vectors such as HHTP floods contain millions of legitimate sessions. Now firewall or IDPS won’t mark those sessions as malicious and they can’t. Because they are not designed to look at the packet’s behavior. They are simple designed to inspect the session.

Most Read

#1 Solution to the error “Visual Studio Code can’t be opened because Apple cannot check it for malicious software” #2 How to add Read More Read Less Button using JavaScript? #3 How to check if radio button is checked or not using JavaScript? #4 Solution to “TypeError: ‘x’ is not iterable” in Angular 9 #5 PHP Login System using PDO Part 1: Create User Registration Page #6 How to uninstall Cocoapods from the Mac OS?

Recently Posted

#Apr 8 JSON.stringify() in JavaScript #Apr 7 Middleware in NextJS #Jan 17 4 advanced ways to search Colleague #Jan 16 Colleague UI Basics: The Search Area #Jan 16 Colleague UI Basics: The Context Area #Jan 16 Colleague UI Basics: Accessing the user interface
You might also like these
How to create a sidebar using pure CSS?CSSIntroduction to Angular modules Part 1: NgModule metadataAngularHow to add and remove list items using JavaScript?JavaScriptHow to add a new role in WordPress?WordPressHow get_template_part helps write reusable code in WordPress?WordPressThe Difference Between Arrays and Objects in JavaScriptJavaScript