nanog mailing list archives
RE: Identifying DoS-attacked IP address(es) Sniffer
From: alex () yuriev com
Date: Mon, 16 Dec 2002 19:52:21 -0500 (EST)
Even though you are asking this question with regard to what can be done on the router itself, it's worth mentioning, if only for the archives, a non-router approach to the problem...especially if you are an enterprise network manager. It's even worth mentioning despite the fact that I work for a company that provides said approach.
Some of our enterprise customers place distributed Sniffers on their internet links themselves. Upon receiving an alert, they connect to the Sniffer and click on Top Ten talkers by bytes (presented in pie/bar chart).
[skip] You want to put a box like this to analyze and dozen OC-12c(s)? I know that the sales people for boxes like this right now are really hurting for business but give us a break. Alex
Current thread:
- RE: Identifying DoS-attacked IP address(es) Sniffer Brennan_Murphy (Dec 16)
- RE: Identifying DoS-attacked IP address(es) Sniffer alex (Dec 16)
- RE: Identifying DoS-attacked IP address(es) Sniffer Livio Ricciulli (Dec 17)
- <Possible follow-ups>
- RE: Identifying DoS-attacked IP address(es) Sniffer alex (Dec 17)
- RE: Identifying DoS-attacked IP address(es) Sniffer alex (Dec 16)