DOS attack tracing
Suresh Ramasubramanian
ops.lists at gmail.com
Tue May 10 09:05:08 UTC 2005
Quite decent suggestions
On 5/10/05, Kim Onnel <karim.adel at gmail.com> wrote:
> 3) Use flow-tools, ntop, Silktools and open-source Netflow collectors
> & analyzers
> 4) Apply Ingress/Egress Filtering : RFC 2827 , uRPF, Team cymru IOS template
> 5) Monitor CPU/Netflow table size using SNMP
> 6) Request a blackholing BGP community from your upsream provider.
You start with #4, first of all. Then get #6. Then put #2 and #5 in place.
After that, you get one or the other of these, if you can push through
a budget for expensive kit.
> 1) Get 'Cisco guard' , too expensive ?
> 2) Get Arbor, Stealthflow, Esphion, too expensive ?
--srs
--
Suresh Ramasubramanian (ops.lists at gmail.com)
More information about the NANOG
mailing list