nanog mailing list archives
Re: DOS attack tracing
From: Suresh Ramasubramanian <ops.lists () gmail com>
Date: Tue, 10 May 2005 14:35:08 +0530
Quite decent suggestions On 5/10/05, Kim Onnel <karim.adel () gmail com> wrote:
3) Use flow-tools, ntop, Silktools and open-source Netflow collectors & analyzers 4) Apply Ingress/Egress Filtering : RFC 2827 , uRPF, Team cymru IOS template 5) Monitor CPU/Netflow table size using SNMP 6) Request a blackholing BGP community from your upsream provider.
You start with #4, first of all. Then get #6. Then put #2 and #5 in place. After that, you get one or the other of these, if you can push through a budget for expensive kit.
1) Get 'Cisco guard' , too expensive ? 2) Get Arbor, Stealthflow, Esphion, too expensive ?
--srs -- Suresh Ramasubramanian (ops.lists () gmail com)
Current thread:
- DOS attack tracing Richard (May 09)
- Re: DOS attack tracing Richard A Steenbergen (May 09)
- Re: DOS attack tracing Scott Weeks (May 09)
- Re: DOS attack tracing Will Yardley (May 09)
- RE: DOS attack tracing Richard (May 09)
- RE: DOS attack tracing Scott Weeks (May 09)
- RE: DOS attack tracing Steve Gibbard (May 09)
- RE: DOS attack tracing Scott Weeks (May 09)
- Re: DOS attack tracing Kim Onnel (May 10)
- Re: DOS attack tracing Suresh Ramasubramanian (May 10)
- Re: DOS attack tracing Scott Weeks (May 10)
- RE: DOS attack tracing Richard (May 09)
- <Possible follow-ups>
- RE: DOS attack tracing Hannigan, Martin (May 10)
- Re: DOS attack tracing Suresh Ramasubramanian (May 10)
- Re: DOS attack tracing Gadi Evron (May 10)
- RE: DOS attack tracing Hannigan, Martin (May 10)
- RE: DOS attack tracing Chris Ranch (May 10)
- RE: DOS attack tracing Chris Ranch (May 10)
- RE: DOS attack tracing Chris Ranch (May 10)
- RE: DOS attack tracing Chris Ranch (May 10)
- RE: DOS attack tracing Richard (May 10)