583 Views 1 Reply Latest reply: Oct 12, 2012 10:19 AM by Regis
senthilmanick Newcomer 9 posts since
Apr 5, 2012
Oct 12, 2012 12:15 AM

Mitigation for DoS attack

I am using "McAfee VirusScan Enterprise 8.8". Will it handle the Denial-Of-Service attack? Do I need to do some configuration to secure the system from this attack?

  • Regis Champion 457 posts since
    Oct 6, 2010
    1. Oct 12, 2012 10:19 AM (in response to senthilmanick)
    Re: Mitigation for DoS attack

    In a word, no.

    A host-based antimalware tool won't do a thing against traditional DOS nor against distributed DOS (DDOS) attacks.

    DDOS is a network issue. Can you survive a 70Gbps DDOS? Most likely the answer is a flat no. "Do you need to?" and "Can you afford to?" are the next questions. To have a plan in place to survive DDOS involves working with your network providers and rethinking application hosting decisions. What do you push to the cloud for your DNS and app hosting? If all of your things are hanging off a 5Mbps network connection, you can be dos'd off the net quite trivially. Is your risk posture for DDOS such that you team up with a Verizon/Prolexic/Neustar or any network provider with Arbor Networks gear, HUGE pipes, and staff that knows what to do with them? Does your regular bandwidth provider have DDOS mitigation capability? Or if you call them with a problem will they only be able to black hole route IPs? Or do they have a screening router on their end where they can actually do ACLs to respond to DDOS? It's a complicated question, but no, none of it has a thing to do with host-based anti-virus.

    DOS issues can also be related to application vulnerabilities. Patching those applications can address those vulns that cause DOS conditions. Web server configuration and hardening against slowloris and other resource exhaustion attacks are also part of a comprehensive plan to be as hard as you can against DOS attacks.

    However, often, businesses have way bigger and more basic problems to deal with that are of higher probability of biting them than the off chance they'll end up in the crosshairs of people pointing DDOS tools at them en masse.
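
To illustrate the web server hardening against slow-request resource exhaustion mentioned in the reply above, here is an added example (not part of Regis's post and not any web server's own code): a request-head reader that enforces one overall deadline and a size cap, exercised against constructed in-memory clients. The function names, the 0.2 s deadline and the 8192-byte cap are assumptions chosen for the demonstration.

```python
import asyncio

HEADER_DEADLINE = 0.2    # assumed: seconds allowed for the complete request head
MAX_HEADER_BYTES = 8192  # assumed: upper bound on request-head size
# Constructed sample clients: a normal request, and one trickling a header line at a time.
NORMAL = [b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"]
TRICKLE = [b"GET / HTTP/1.1\r\n"] + [b"X-Pad: a\r\n"] * 40

class SlowClient(Exception): pass     # head still incomplete at the deadline
class HeadTooLarge(Exception): pass   # head exceeded the size cap

async def read_request_head(reader, deadline=HEADER_DEADLINE, max_bytes=MAX_HEADER_BYTES):
    """Return the request head under ONE deadline for the whole head.
    A per-read idle timeout resets on every byte, so a client trickling one
    header line at a time never trips it; a total deadline does."""
    async def _read():
        buf = b""
        while b"\r\n\r\n" not in buf:
            chunk = await reader.read(1024)
            if not chunk:
                raise ConnectionError("peer closed before the head completed")
            buf += chunk
            if len(buf) > max_bytes:
                raise HeadTooLarge(f"{len(buf)} bytes")
        return buf.split(b"\r\n\r\n", 1)[0] + b"\r\n\r\n"  # demo: body bytes dropped
    try:
        return await asyncio.wait_for(_read(), timeout=deadline)
    except asyncio.TimeoutError:
        raise SlowClient(f"head incomplete after {deadline}s") from None

async def _simulate(chunks, gap, **limits):
    reader = asyncio.StreamReader()   # in-memory stream, no sockets involved
    async def feed():
        for chunk in chunks:
            reader.feed_data(chunk)
            await asyncio.sleep(gap)  # pause between chunks, in seconds
        reader.feed_eof()
    feeder = asyncio.ensure_future(feed())
    try:
        await read_request_head(reader, **limits)
        return "accepted"
    except (SlowClient, HeadTooLarge, ConnectionError) as exc:
        return "dropped: " + type(exc).__name__
    finally:
        feeder.cancel()               # stop feeding once the verdict is in

def classify(chunks, gap, **limits):
    """Run one constructed client against the reader and report the outcome."""
    return asyncio.run(_simulate(chunks, gap, **limits))
```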
