DDOS, IDS, RTBH, and Rate limiting

• Previous message (by thread): DDOS, IDS, RTBH, and Rate limiting
• Next message (by thread): DDOS, IDS, RTBH, and Rate limiting
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 21 Nov 2014, at 9:19, Robert Duffy wrote:

> What open-source NetFlow analysis tools would you recommend for 
> quickly
> detecting a DDoS attack?

I generally recommend that folks get started with something like 
nfdump/nfsen or ntop.  There are other, more sophisticated tools out 
there, but these allow one to get up and running quickly, and to gain 
valuable operational experience with which to evaluate more 
sophisticated tools, if they're needed.

-----------------------------------
Roland Dobbins <rdobbins at arbor.net>

• Previous message (by thread): DDOS, IDS, RTBH, and Rate limiting
• Next message (by thread): DDOS, IDS, RTBH, and Rate limiting
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]