DNS/NTP <censured>, a solution !

Thomas Mangin thomas.mangin at exa-networks.co.uk
Wed Feb 12 16:57:13 UTC 2014


Hello,

Because :
 - Exa has been under attack way too much these last weeks
 - We hate to have to deal with it

Because:
 - Andrisoft seems cool but does not do FlowSpec
 - Arbor is known for its price (and features)
 - I am from Yorkshire (How much do you pay me to find bugs in your shinny application ?)

Because:
 - We can ...
 - And people can not be bothered to fix the problem at source !

I have been working on making our internal tool ( Thank you Daniel ) something which can be built on and released to the community.
The repository is here: https://github.com/Exa-Networks/exaddos

The code is not even one week old but it can :
 - use SNMP to monitor your EBGP interfaces
 - parse IPFIX to find your top speakers
 - provide you the data in an HORRIBLE web page ( but all the rendering is client side, so feel free to fix that !)

Now I would love some help ... I am NOT a web designer who find Javascript easy (I can handle jquery and basic stuff but nice CSS is not my cup of tea), so it will not look nice unless someone else make it so.

 I can provide the underlying data via JSON in whatever way one may need to allow :
 - graphing of links
 - allow to drill down on top speakers to find proto / ports information
 - "one click" get rid of that DDOS for <IP> <proto>

I did some of this stuff with ExaProxy so I am not totally useless but god knows it is not my strength !

So any help would be welcome, so I can go back on coding on BGP and not DDOS.

Thomas

PS: I created a G+ community ExaDDOS .. I will try to add a mailing list later on.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20140212/0ef3f2cf/attachment.bin>


More information about the NANOG mailing list