nanog mailing list archives
Re: box against dos/ddos
From: Carlos Kamtha <kamtha () ak-labs net>
Date: Thu, 31 Jan 2013 13:52:56 -0500
Arbour Peakflow is probably the way to go. However if you don't want to spend a ton of money, you might want to consider using a stub router +bgp coupled with a server running the appropriate SNMP tools (perhaps cacti) to publish your desired data. It's not the most convenient solution but it should do.. Cheers. -CK On Thu, Jan 31, 2013 at 03:37:41PM +0100, Piotr wrote:
Hi, I looking some box (vendor, model), which i can put out of the main/product network, which can analyze packets netflow,sflow,syslog from bgp router(s) and after discover some anomaly it can do some action, for example: - Box have bgp session with bgp router and advertise attacked ip prefix with some community. Bgp router set next-hop for this prefix to /dev/null Normal traffic via bgp router is about 1G/s in and 10G/s out What is worth of looking and what you suggest ? thanks for help, Piotr
Current thread:
- box against dos/ddos Piotr (Jan 31)
- Re: box against dos/ddos Suresh Ramasubramanian (Jan 31)
- Re: box against dos/ddos Kenneth McRae (Jan 31)
- Re: box against dos/ddos dennis (Jan 31)
- Re: box against dos/ddos Jay Coley (Jan 31)
- Re: box against dos/ddos Kenneth McRae (Jan 31)
- Re: box against dos/ddos Suresh Ramasubramanian (Jan 31)
- Re: box against dos/ddos Carlos Kamtha (Jan 31)
- RE: box against dos/ddos Dixon, Justin (Jan 31)