Security Basics mailing list archives
RE: Products detecting DDoS attacks
From: Dean Davis <Dean.Davis () mbg-inc com>
Date: Mon, 8 Dec 2003 14:08:32 -0500
Kip:

If you're open to using Open-source, then you must consider one of the best NIDSs, not to mention it's free, on the market: Snort.

www.snort.org

You can salvage an outdated machine, arm it with 2 NICs, and place it in stealth mode at your network's perimeter or nearby, to sniff the appropriate traffic.

Thanks,

Dean Davis, MCSE, MCDBA, CCNA, CNA, N+, Linux+
Sr. Network Engineer
MBG, Inc.
370 Lexington Avenue
New York, NY 10017
P. 212.822.4429
F. 212.822.4499
http://www.mbg-inc.com

-----Original Message-----
From: Kip Sr. [mailto:kipsr1 () yahoo com]
Sent: Monday, December 08, 2003 12:53 PM
To: security-basics () securityfocus com
Subject: Products detecting DDoS attacks

Hello All!

I am running a small web site and I am interested in deploying software/hardware which can detect DDoS attacks (SYN floods, application based attacks, etc.) on my perimeter network. I have been reading that some products will do this... like Cisco Netflow, Arbor networks, etc., but I am not sure how effective these products are.

Essentially, I am just looking for some good tools that can quickly detect the source IP of zombie machines so I can go back to my ISP and have them filter out the traffic upstream.

Thanks in advance for your help!

Kip Sr.