Abstract
During the Distributed Denial of Service (DDoS) attacks, computers are made to attack other computers. Newer Firewalls now days are providing prevention against such attack traffics. McAfee SecurityCenter Firewall is one of the most popular security software installed on millions of Internet connected computers worldwide. “McAfee claims that if you have installed McAfee SecurityCentre with anti-virus and antispyware and Firewall then you always have the most current security to combat the ever-evolving threats on the Internet for the duration of the subscription”. In this paper, we present our findings regarding the effectiveness of McAfee SecurityCentre software against some of the popular Distributed Denial Of Service (DDoS) attacks, namely ARP Flood, Ping-flood, ICMP Land, TCP-SYN Flood and UDP Flood attacks on the computer which has McAfee SecurityCentre installed. The McAfee SecurityCentre software has an in built firewall which can be activated to control and filter the Inbound/Outbound traffic. It can also block the Ping Requests in order to stop or subside the Ping based DDoS Attacks. To test the McAfee Security Centre software, we created the corresponding attack traffic in a controlled lab environment. It was found that the McAfee Firewall software itself was incurring DoS (Denial of Service) by completely exhausting the available memory resources of the host computer during its operation to stop the external DDoS Attacks.
Highlights
Firewall is one of the most popular security software installed on millions of Internet connected computers worldwide
We know that the Firewall plays a vital role in defending against Distributed Denial of Service (DDoS) attacks
Sometimes they will cause some overhead while they are defending against the DDoS attacks
Summary
Firewall is one of the most popular security software installed on millions of Internet connected computers worldwide. SecurityCenter software firewall in defending the system against the Denial of Service attacks namely ARP Flood, Ping Flood, ICMP LAND, TCP-SYN Flood and UDP Flood attacks. Most recent DDoS attacks during July 4th, Independence Day weekend in 2009, on South Korean and US government websites convey the fact that even Firewalls and IPS, commonly deployed in the network, do not always help in defending against the DDoS Attacks [4,5]. Some of the DDoS attacks are the Ping Flood Attack, ICMP Land Attack, TCP-SYN Attack, ARP Flood Attack and UDP Flood Attack All of these can cause Denial of service by storming the host with the respective attack traffic. To evaluate the performance of McAfee SecurityCenter’s Personal Firewall against such DDoS attacks, we experimented with so called and commercially promoted, secure computer system, namely Apple’s iMac with Windows XP-SP2 operating system.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.