Silk Road forums
Discussion => Silk Road discussion => Topic started by: fuckingACE on November 27, 2012, 12:04 am
-
Without wanting to give much away... I have two Pr.ox.ySG 9000-10´s, (sorry for the . BlueCoat monitors forum posts with their products in it)... One I need as it´s in place for a customer, the other is mine and I would be happy to configure the SGOS with whatever policies you need and donate it.. If you want it unconfigured I can wipe the config and prepare the CPL code with whatever you need. Units like it are currently protecting banks (no names mentioned) and other institutions all around the world, its robust and can handle more traffic that you could throw at it.
For advice on the DDOS thing, the absolute best is a hardware appliance in front of the internet facing servers which I assume we already have.. I guess it just cant handle that volume of traffic, this can..
Also just some info although I´m sure you are already aware.
https://bto.bluecoat.com/packetguide/8.5/solutions/security/prevent-dos-attacks.htm
ACE
-
Also I was made aware of the Checkpoint DDOS Protector appliances.. I´m not sure how good they are. The checkpoint devs are a bunch of muppets anyways, but it might be worth looking into
ACE
-
How effective are these things on encrypted data? How effective are they against protocol and application-level attacks (like slow loris or opening up thousands of connections to the introduction points)? Because you can't do a traditional DDOS like syn floods against a hidden service. A Tor circuit only works if a proper TCP handshake is done.
And these things look like they scan for traditional DDOS attacks.
-
Very generous ACE. Not sure you will be taken up on the donation, but generous nonetheless.
-
Nice, +1!
-
Thank you!
-
How effective are these things on encrypted data? How effective are they against protocol and application-level attacks (like slow loris or opening up thousands of connections to the introduction points)? Because you can't do a traditional DDOS like syn floods against a hidden service. A Tor circuit only works if a proper TCP handshake is done.
And these things look like they scan for traditional DDOS attacks.
Its application aware, can monitor open TCP sessions. supports ssl end to end by decrypting traffic on the device and proxying the traffic to the web server. In effect the appliance becomes your ssl terminator forwarding connections to the web server. It completely isolates the WS by terminating the sessions locally. The idea really is that you set policies based on traffic behavior. ie. eliminate stale sessions after x amount of time etc etc.. possibilities are endless PM me if your interested in getting the SGOS product guide and having a look.
-
lol guess not, Well I´m gonna carry on testing with it, offer is always open
-
very generous of you. I would PM SR support or DPR with this offer. i doubt he checks forum posts often.
-
Might be just a tad bit of a security risk for DPR to take network appliances from anonymous forum members...
Not saying anything about you in particular, but that just ain't a viable option. ("sure, send it to Silk Road Anonymous Tor Site LLC, PO Box 532, etc")
Besides which, with a 10% vig DPR can buy his own damn hardware.
-
DPR is not going to compromise his information to receive a hardware from a random person on the forums. At least, I hope he's smart enough to not do that.
I think you can offer your expertise on making SR server more resilient to attacks and hacks. You may want to throw up another thread or message SR support if you think you can improve their system.