nanog mailing list archives
Re: DDOS, IDS, RTBH, and Rate limiting
From: "Roland Dobbins" <rdobbins () arbor net>
Date: Fri, 21 Nov 2014 09:37:01 +0700
On 21 Nov 2014, at 9:19, Robert Duffy wrote:
What open-source NetFlow analysis tools would you recommend for quicklydetecting a DDoS attack?
I generally recommend that folks get started with something like nfdump/nfsen or ntop. There are other, more sophisticated tools out there, but these allow one to get up and running quickly, and to gain valuable operational experience with which to evaluate more sophisticated tools, if they're needed.
----------------------------------- Roland Dobbins <rdobbins () arbor net>
Current thread:
- RE: DDOS, IDS, RTBH, and Rate limiting, (continued)
- RE: DDOS, IDS, RTBH, and Rate limiting Frank Bulk (Nov 08)
- Re: DDOS, IDS, RTBH, and Rate limiting Roland Dobbins (Nov 08)
- Re: DDOS, IDS, RTBH, and Rate limiting srn . nanog (Nov 08)
- Re: DDOS, IDS, RTBH, and Rate limiting Paul S. (Nov 09)
- Re: DDOS, IDS, RTBH, and Rate limiting Joe Chisolm (Nov 09)
- DDOS, IDS, RTBH, and Rate limiting Pavel Odintsov (Nov 20)
- Re: DDOS, IDS, RTBH, and Rate limiting Roland Dobbins (Nov 20)
- Re: DDOS, IDS, RTBH, and Rate limiting Denys Fedoryshchenko (Nov 20)
- Re: DDOS, IDS, RTBH, and Rate limiting Roland Dobbins (Nov 20)
- Re: DDOS, IDS, RTBH, and Rate limiting Robert Duffy (Nov 20)
- Re: DDOS, IDS, RTBH, and Rate limiting Roland Dobbins (Nov 20)
- Re: DDOS, IDS, RTBH, and Rate limiting Tim Jackson (Nov 20)
- Re: DDOS, IDS, RTBH, and Rate limiting Robert Duffy (Nov 20)
- Re: DDOS, IDS, RTBH, and Rate limiting Paul S. (Nov 20)
- Re: DDOS, IDS, RTBH, and Rate limiting Roland Dobbins (Nov 20)
- Re: DDOS, IDS, RTBH, and Rate limiting Roland Dobbins (Nov 20)
- Re: DDOS, IDS, RTBH, and Rate limiting Denys Fedoryshchenko (Nov 21)
- Re: DDOS, IDS, RTBH, and Rate limiting Roland Dobbins (Nov 21)
- Re: DDOS, IDS, RTBH, and Rate limiting Denys Fedoryshchenko (Nov 21)
- Re: DDOS, IDS, RTBH, and Rate limiting Denys Fedoryshchenko (Nov 21)