Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

IDS vs Firewall vs WAF for protect website against dos attacks

IDS vs Firewall vs WAF for protect website against dos attacks

IDS vs Firewall vs WAF for protect website against dos attacks

Hi my friends. i am really confusing . i can't find out when we use firewall why we use IDS too? i think firewall is enough . for example i think when we use iptables we don't need to use snort for protect against dos . is it true?
and the other thing that confused me is that in the latest version of snort they say that it can mitigate application layer threats so if it is so why we use WAF like modsecurity ? is there any dos attack that modsecurity can detect but snort can't?
please help . i am really confusing :( . thanks a lot

RE: IDS vs Firewall vs WAF for protect website against dos attacks

It depends on your firewall!

A firewall allows or denies traffic based on the source and destination address and ports
But not usually on payload. Malicious traffic can still be passed through on that basis. IDS will inspect that traffic and potentially drop it based on signature of the payload.

Waf operate at the application layer...

Of course these 3 functions are becoming more consolidated onto single platforms. Hence my comment about depends on the firewall

Take Care

I have always wished that my computer would be as easy to use as my telephone.
My wish has come true. I no longer know how to use my telephone.

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close