Agree but not for security reasons
I agree with and like the consensus reached in the last post!
However, I liked the changes put forward in the original posting for their workload limiting factors more than any other reason.
Had the client we implemented, at the last gaming site I worked for, used a port other than 80 for its connectivity to our core networks, I'm sure we could have disposed of much of the 2Gb/s DoS and attack traffic we received, without anywhere near as much work.
Concentrating our efforts on blocking those malicious connections that had made the jump to another port, I'm sure, would have been advantageous!!
If I am ever in a similar position again I will strongly recommend making this change.
...Even though I only found this page because I was searching for a link to back up the old adage "security by obscurity is no security".