Re: OBESEUS - A new type of DDOS protector

[Guillaume FORTAINE <gfortaine () live com>]

Dear Mister Dobbins,

Thank you for your reply.

> Argus is OK, but I believe that it mainly relies upon packet capture - it does now support NetFlow v5, and v9 support 
> as well as support for Juniper flow telemetry and others is supposed to be coming.
>    

Argus is a superset of Netflow [1]. It's a *better* Netflow :

http://docs.google.com/viewer?url=http://www.cert.org/flocon/2009/presentations/Bullard_ControlPlane.pdf

> I've personally not played with Argus and NetFlow; nfdump/nfsen is a useful open-source NetFlow collection/analysis 
> system.
>
>    

There is also Psyche from Pontetec that is a better nfsen :

http://psyche.pontetec.com/


> > Me and my partners are working on a Flow Based Security Awareness
> > Framework for High-Speed Networks.
> >
> > http://docs.google.com/viewer?url=http://www.vabo.cz/spi/2009/presentations/03/02-celeda_rehak_CAMNEP_no_video.pdf
> >
> > For a demo :
> >
> > http://demo.cognitivesecurity.cz/
> >      
> It's always good to see folks motivated to work on solutions they believe will benefit the community at large.
>
>    

Thank you. The question is : Who are the people interested in our work ?

Best Regards,

Guillaume FORTAINE

[1] http://www.qosient.com/argus/argusnetflow.htm