SeFlow.Net - SeGuard ™ 2.2 Now Avaiable - Bogon filtering and SYN check improvements

SeFlow, a leading italian company in IT security announces release of SeGuard ™ 2.2, the lucky DDoS Mitigation tool.

A bogon prefix is a route that should never appear in the Internet routing table. A packet routed over the public Internet (not including over VPNs or other tunnels) should never have a source address in a bogon range. These are commonly found as the source addresses of DDoS attacks. Bogons are defined as Martians (private and reserved addresses defined by RFC 1918,RFC 5735, andRFC 6598) and netblocks that have not been allocated to a regional internet registry (RIR) by the Internet Assigned Numbers AuthorityFullbogons are a larger set which also includes IP space that has been allocated to an RIR, but not assigned by that RIR to an actual ISP or other end-user. IANA maintains a convenient IPv4 summary page listing allocated and reserved netblocks, and each RIR maintains a list of all prefixes that they have assigned to end-users. It is important to realize that the bogon and fullbogon lists are NOT static lists. IP ranges are regularly added to, and more importantly, removed from the bogon lists. Most company not  had time to maintain this list and prefer to not filter it. SeGuard ™ 2.2 now hold an internal list that will be auto updated evey week and inject bogon prefix in our edge routers. All packets with these source prefix will be dropped. How much does it help to filter the bogons? In one study conducted by Rob Thomas of a frequently attacked site, fully 60% of the naughty packets were obvious bogons (e.g. 127.1.2.3, 0.5.4.3, etc.). A presentation based on that study, entitled "60 Days of Basic Naughtiness," can be viewed here

Bogons Filtering help us to reduce spoofed attack because, during a spoofed attack, source ip are fake and often include bogons in the source row. Bogons filtering is free for all SeFlow customer!

With SeGuard ™ 2.2 We introduced some improvements on SYN filtering. In previous releases only filters manage SYN attack, now, when a pattern is detected, new rules will added on firewall (that is placed before the filters) to lighten the workload and offer better filtering. Some new pattern checks was added and we should now block most of the attacks.

SeGuard ™ 2.2 and new features are avaiable for all IP Transit, Dedicated Server, FastServer and VPS services.

Thank you for choosing SeFlow internet Services.


 
© 2017 SeFlow All Rights reserved | Home | Server Dedicati | Server Virtuali | Domini | Contatti