Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IDS vs Firewall vs WAF for protect website against dos attacks

Status
Not open for further replies.

sara1995

Programmer
Jul 23, 2017
1
IR
Hi my friends. i am really confusing . i can't find out when we use firewall why we use IDS too? i think firewall is enough . for example i think when we use iptables we don't need to use snort for protect against dos . is it true?
and the other thing that confused me is that in the latest version of snort they say that it can mitigate application layer threats so if it is so why we use WAF like modsecurity ? is there any dos attack that modsecurity can detect but snort can't?
please help . i am really confusing :( . thanks a lot
 
It depends on your firewall!

A firewall allows or denies traffic based on the source and destination address and ports
But not usually on payload. Malicious traffic can still be passed through on that basis. IDS will inspect that traffic and potentially drop it based on signature of the payload.

Waf operate at the application layer...

Of course these 3 functions are becoming more consolidated onto single platforms. Hence my comment about depends on the firewall

Take Care

Matt
I have always wished that my computer would be as easy to use as my telephone.
My wish has come true. I no longer know how to use my telephone.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top