Do you prefer filtered ports or closed ports on your firewall

The Eduladder is a community of students, teachers, and programmers just interested to make you pass any exams. So we solve previous year question papers for you.
In eduladder you can Ask,Answer,Listen,Earn and Download Questions and Question papers.
Watch related videos of your favorite subject.
Connect with students from different parts of the world.
Apply or Post Jobs, Courses ,Internships and Volunteering opportunity. For FREE
See Our team
Wondering how we keep quality?
Got unsolved questions? Ask Questions

Security-Interview-Questions-Advanced-->View question


Asked On2019-08-02 06:50:18 by:Gaganpreet-Gandhi

Taged users:


Likes:
Be first to like this question

Dislikes:
Be first to dislike this question
Talk about this  Delete  Like  Dislike
View all qusetions

You might like this video:Maxima and minima values of a function in a closed interval
Watch more here

Watch more videos from this user Here

Learn how to upload a video and start earning here

Answers

It depends about the situation.

For small company servers or back-end systems or intranet sites I will choose to close ports (REJECT).

The reason for that is because those server are not usually targeted by DDoS attacks and also because the external apps that requires to consume services hosted in the the servers can quickly report failures instead to hang the connections during minutes.

For example, I faced a situation that one of my admins filtered a port (DROP) by mistake that was currently in use in a streaming server, and all the client video players were displaying the “Loading…” message during minutes. The reason was that video players were waiting for the server answer and they were configured with a high connection timeout. In this case I would like to reject the connections, because if this situation happens again at least external clients can display a quickly “Unable to connect” message.

If your server is used as website that can be targeted by a DDoS attacks then I will choose the “DROP” policy because in this way your firewall is not going to consume CPU and bandwidth answering about the state of the port (Sending back ICMP messages).


Answerd on:2019-08-03 Answerd By:Ak

Likes:
Be first to like this answer

Dislikes:
Be first to dislike this answer
Talk about this  Delete  Like  Dislike

You might like this video:HTML Basics for Beginners part-2
Watch more here

Watch more videos from this user Here

Learn how to upload a video over here



Lets together make the web is a better place

We made eduladder by keeping the ideology of building a supermarket of all the educational material available under one roof. We are doing it with the help of individual contributors like you, interns and employees. So the resources you are looking for can be easily available and accessible also with the freedom of remix reuse and reshare our content under the terms of creative commons license with attribution required close.

You can also contribute to our vision of "Helping student to pass any exams" with these.
Answer a question: You can answer the questions not yet answered in eduladder.How to answer a question
Career: Work or do your internship with us.Work with us
Create a video: You can teach anything and everything each video should be less than five minutes should cover the idea less than five min.How to upload a video on eduladder