OBESEUS - A new type of DDOS protector
Guillaume FORTAINE
gfortaine at live.com
Tue Mar 16 19:56:31 UTC 2010
Dear Mister Dobbins,
Thank you for your reply.
> Flow telemetry has demonstrated its extraordinary utility to network operators worldwide over the last decade, and continued advances such as Cisco's Flexible NetFlow and the IETF IPFIX/PSAMP effort signify that this is the broad consensus of the operational community.
>
What about Argus ? [1]
http://qosient.com/argus/
> Layer-7 attacks against various types of services/apps can achieve significant amplification effects and disproportionate impact, are increasing in frequency and impact, and therefore must be addressed by any operationally viable solution in this space.
>
https://www.dpacket.org/
> I believe that an effective and operationally useful open-source solution for basic DDoS detection/classification/traceback/mitigation can be implemented using existing widely-used and -understood tools/techniques as described here:
>
> <http://mailman.nanog.org/pipermail/nanog/2010-January/016747.html>
>
Me and my partners are working on a Flow Based Security Awareness
Framework for High-Speed Networks.
http://docs.google.com/viewer?url=http://www.vabo.cz/spi/2009/presentations/03/02-celeda_rehak_CAMNEP_no_video.pdf
For a demo :
http://demo.cognitivesecurity.cz/
I look forward to your answer,
Best Regards,
Guillaume FORTAINE
[1]
https://tools.netsa.cert.org/wiki/download/attachments/10027010/Bullard_IntroductionToArgus.pdf?version=1&modificationDate=1263221338000
More information about the NANOG
mailing list