DDOS, IDS, RTBH, and Rate limiting
Roland Dobbins
rdobbins at arbor.net
Fri Nov 21 02:37:01 UTC 2014
On 21 Nov 2014, at 9:19, Robert Duffy wrote:
> What open-source NetFlow analysis tools would you recommend for
> quickly
> detecting a DDoS attack?
I generally recommend that folks get started with something like
nfdump/nfsen or ntop. There are other, more sophisticated tools out
there, but these allow one to get up and running quickly, and to gain
valuable operational experience with which to evaluate more
sophisticated tools, if they're needed.
-----------------------------------
Roland Dobbins <rdobbins at arbor.net>
More information about the NANOG
mailing list