deep pockets … and packets

real security needs advanced software solutions: just a simple firewall and blocking a few ports here and there will slow down the casual scriptkid, and slow down portscans, but you’ve gotta have open ones IF you care to have some data go thru

my guess is that either deep packets inspection will do the trick, or some kind of AI … that might be some years away. IF my provider would scan packets (i encrypt if i care for privacy!) they could compare thousands of IP/port combinations for usage patterns and prevent DDoS etc. like a spam filter works best if you can scan thousands of email adresses. of course the hacker comes up with some randomization, but what hosts send random packets on random ports to MY systems without me requesting data from those???

most security solutions require smart endpoints in the infrastructure, so every system has to scan its own packets, but has no comparison to what other attacks are going on in the neighborhood!