DNS/NTP <censured>, a solution !
thomas.mangin at exa-networks.co.uk
Wed Feb 12 16:57:13 UTC 2014
- Exa has been under attack way too much these last weeks
- We hate to have to deal with it
- Andrisoft seems cool but does not do FlowSpec
- Arbor is known for its price (and features)
- I am from Yorkshire (How much do you pay me to find bugs in your shinny application ?)
- We can ...
- And people can not be bothered to fix the problem at source !
I have been working on making our internal tool ( Thank you Daniel ) something which can be built on and released to the community.
The repository is here: https://github.com/Exa-Networks/exaddos
The code is not even one week old but it can :
- use SNMP to monitor your EBGP interfaces
- parse IPFIX to find your top speakers
- provide you the data in an HORRIBLE web page ( but all the rendering is client side, so feel free to fix that !)
I can provide the underlying data via JSON in whatever way one may need to allow :
- graphing of links
- allow to drill down on top speakers to find proto / ports information
- "one click" get rid of that DDOS for <IP> <proto>
I did some of this stuff with ExaProxy so I am not totally useless but god knows it is not my strength !
So any help would be welcome, so I can go back on coding on BGP and not DDOS.
PS: I created a G+ community ExaDDOS .. I will try to add a mailing list later on.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 203 bytes
Desc: Message signed with OpenPGP using GPGMail
More information about the NANOG