Re: DDoS detection and mitigation systems

[Alex Yuriev <alex () yuriev com>]

> Do you use/develop in-house tools to analyze Netflow on your peering routers
> and have that interface in near-realtime with the said routers to null route
> (BGP and RPF) the offending sources?

Source or destination? Null routing source of DOS is not going to do you any
good. Null routing destination, especially automatically null routing
destination, creates a large possibility of shooting yourself in a foot.

Alex