McAfee launches bot killing system

McAfee has become the first hardware vendor to use a new technique it claims can reliably protect companies from the threat of botnet-launched distributed denial-of-service (DDoS) attacks.

Unlike conventional DDoS detection systems based on the statistical analysis of traffic, the first layer of the new Advanced Botnet Protection (ABP) intrusion-prevention system (IPS) uses a proxy to pass or block packet traffic dependent on whether or not it is “complete."

DDoS attacks typically use armies of hijacked PCs to target a server or WAN link with large amounts of incomplete SYN packets from false addresses, which are difficult to stop if the system cannot separate them from legitimate traffic or identify the source. McAfee launches bot-killing system - Computerworld

Linked by shanmuga Thursday, 9th February 2006 3:03AM