January 17, 2012

1.2.8 Flood Guards

A flood guard is a protection feature built into many firewalls that allow the administrator to tweak the tolerance for unanswered login attacks.

It tracks network traffic to identify scenarios that will overwhelm our network through conditions such as SYN, ping, port floods, etc. By reducing this tolerance, it is possible to reduce the likelihood of a successful DoS attack. If a resource—inbound or outbound—appears to be overused, then the flood guard kicks in.

References:

  • CompTIA Security+ Study Guide: Exam SY0-301, Fifth Edition by Emmett Dulaney

No comments:

Post a Comment