Maybe I'm in the wrong section, but does anyone knows whats the best firewall for a windows 2003 server?

I'm getting DoS attacks against me and I want them to stop, or reduce the most i can. Is a firewall the correct option for doing that? Or is there another one?

Thats it,

Thanks,

Brunno

if it's a dedicated box you got (not a vps), and you got a serious ddos problem I'd suggest talking to your provider to install a hardware firewall for your box. They're much more effective then a software firewall.

If you want to go software way, take a look at VisNetic Firewall:
http://www.deerfield.com/products/visnetic-firewall/server/

Just use the firewall which comes with server '03...

the win firewall does not have IP blocking features.
You'd need to use netsh ipsec filter for that.

The default windows firewall is basically almost useless :p

http://www.intruguard.com/products.html

Best you can buy, just my opinion.

If you are looking for a local firewall? It is not going to do anything but cause the load on the box to jump sky high and more network congestion.

If I 'had' to recommend a software based firewall for Windows...
It would be IPFW (for Windows)! Or install FreeBSD :)
http://wipfw.sourceforge.net/

This actually gives you more ability than most of the other firewalls out there...The Windows version will at some point be able to do traffic shaping...Could be nice.

The best firewalls are at the datacenter them selves, If they have good firewalls and manage ddos you wouldnt even be looking for a software firewall.

I would say go with the hardware firewalls, chat with your dc and see what options they may have available. If the have Cisco available..definitely take it!

Cisco doesn't provide much in the way of DDOS protection... Most datacenters like ThePlanet and Softlayer will offer you a PIX or Checkpoint XU appliance but it will not withstand a real attack due to its lack of intelligent packet filtering.

If you are being hit with attacks on a regular basis that are bringing the server to its knees, then I would recommend going with a datacenter or host that specializes in that kind of protection.

PIX is a brand of CISCO ;)

PIX is a brand of CISCO ;)

I dont think you read his post correctly, it gos on to say how them types of firewalls are not good for ddos filtering. :)


However serverorigin I dont get how your saying Cisco isnt good... But anyway Im not going to turn this thread in to a firewall fight thread.. Cisco is one of the leading companys out there! But I remember seeing you saying you host with sharktech and that pretty much said it all IMO! sharktech are the worst at filtering DDoS in the world.
And ALOT of other people agree with me on that.
Tis also rather intersting that the product you posted above is a google ad when you google DDoS firewalls..


If you are being hit with attacks on a regular basis that are bringing the server to its knees, then I would recommend going with a datacenter or host that specializes in that kind of protection.
Yes, I think thats the best option for the OP.

Wow completely misread that one. but i would have to agree with internal cisco in itself are leading innovators in their field. But hey to each his own.. :beer:

Sharktech has only "normal" irc shell accounts. We do not offer IRCd's out of SharkTech unless specifically requested. I am the first to say that SharkTech doesn't offer the best DDOS protection, they do a "fair" job but definitely on the low end in comparison to the datacenters we use for IRC Servers. Although, normal IRC shell (-----X/irssi/Eggdrop/psybnc) do not require as much protection as the ircd accounts.

Our IRC Servers come out of Awknet/GigeServers/Staminus. Which are typically the top 3 when it comes to IRC services... Additionally, we are the only provider that truly separates IRC shells vs IRCd's. In return, we offer a much more stable solution for our IRCd customers.

I am not saying Cisco isn't good. I highly recommend Cisco devices over competition. (Other than Juniper) I am just saying that Cisco doesn't offer a rock solid DDOS / ids solution.

Our high-end DDOS Protection plans are behind Intruguard IG200's. Which are behind Cisco edge routers, as 70% of the datacenters out there. You don't normally walk in a DC in the US without seeing Cisco, although you normally don't see those datacenters using Cisco devices for DDOS protection when they host highly targeted services as IRC.

Sharktech has only "normal" irc shell accounts. We do not offer IRCd's out of SharkTech unless specifically requested. I am the first to say that SharkTech doesn't offer the best DDOS protection, they do a "fair" job but definitely on the low end in comparison to the datacenters we use for IRC Servers. Although, normal IRC shell (-----X/irssi/Eggdrop/psybnc) do not require as much protection as the ircd accounts.

Our IRC Servers come out of Awknet/GigeServers/Staminus. Which are typically the top 3 when it comes to IRC services... Additionally, we are the only provider that truly separates IRC shells vs IRCd's. In return, we offer a much more stable solution for our IRCd customers.

I am not saying Cisco isn't good. I highly recommend Cisco devices over competition. (Other than Juniper) I am just saying that Cisco doesn't offer a rock solid DDOS / ids solution.

Our high-end DDOS Protection plans are behind Intruguard IG200's. Which are behind Cisco edge routers, as 70% of the datacenters out there. You don't normally walk in a DC in the US without seeing Cisco, although you normally don't see those datacenters using Cisco devices for DDOS protection when they host highly targeted services as IRC.

I guess sharktech would be good for just shells, massive amonts of ips for vhosts cheap ect.