DDOS solution recommendation

• Previous message (by thread): DDOS solution recommendation
• Next message (by thread): DDOS solution recommendation
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

There's the Cisco xRV too, should be decent for playing around with.

On 1/12/2015 午前 12:08, Dave Bell wrote:
> Maybe try the Cisco CSR1000v. In the trial mode it won't give you a
> decent throughput, but should have all features enabled.
>
> On 11 January 2015 at 15:02, Ammar Zuberi <ammar at fastreturn.net> wrote:
>> I’m stuck trying to find a virtual router environment that I can play with flowspec on. We do have some Juniper routers, but they are in production and I don’t think I want to touch flowspec on them just yet.
>>
>> Does anyone have any experience or any ideas here? Even openbgpd?
>>
>>> On Jan 11, 2015, at 6:58 PM, Roland Dobbins <rdobbins at arbor.net> wrote:
>>>
>>>
>>> On 11 Jan 2015, at 20:52, Ca By wrote:
>>>
>>>> 1. BCP38 protects your neighbor, do it.
>>> It's to protect yourself, as well.  You should do it all the way down to the transit customer aggregation edge, all the way down to the IDC access layer, etc.
>>>
>>>> 2.  Protect yourself by having your upstream police Police UDP to some
>>>> baseline you are comfortable with.
>>> This will come back to haunt you, when the programmatically-generated attack traffic 'crowds out' the legitimate traffic and everything breaks.
>>>
>>> You can only really do this for ntp.
>>>
>>>> 3.  Have RTBH ready for some special case.
>>> S/RTBH and/or flowspec are better (S/RTBH does D/RTBH, too).
>>>
>>> -----------------------------------
>>> Roland Dobbins <rdobbins at arbor.net>

• Previous message (by thread): DDOS solution recommendation
• Next message (by thread): DDOS solution recommendation
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]