DDoS detection and mitigation systems

Alex Yuriev alex at yuriev.com
Mon Nov 3 13:36:38 UTC 2003


> Do you use/develop in-house tools to analyze Netflow on your peering routers
> and have that interface in near-realtime with the said routers to null route
> (BGP and RPF) the offending sources?

Source or destination? Null routing source of DOS is not going to do you any
good. Null routing destination, especially automatically null routing
destination, creates a large possibility of shooting yourself in a foot.

Alex




More information about the NANOG mailing list