Detecting Attacks

joel jaeggli joelja at bogus.com
Sun Jun 12 18:00:28 UTC 2016


On 6/10/16 10:39 PM, subashini hariharan wrote:
> Hello,
> 
> I am Subashini, a graduate student. I am interested in doing my project in
> Network Security. I have a doubt related to it.
> 
> The aim is to detect DoS/DDoS attacks using the application. I am going to
> use ELK (Elasticsearch, Logstash, Kibana) for processing the logs (Log
> Analytics).
> 
> My doubt is regarding how do we generate logs for detecting this attack? As
> I am new to this process, I am not sure about it.

Lots of DoS simply isn't targeting the application layer, or even the
host especially. So that stuff will rarely bubble up via syslog, for
example, until machines start to run into trouble. Rather, it will be
exposed via flow data or the frequent collection of interface counters.

> Also, if it is possible to do any other attacks similar to this, you can
> please give a hint about it.
> 
> Could anyone please help with this, it would be a great help!!
> 


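As an added example (not part of Joel's reply or anything else in this thread), the script below shows what "flow data or interface counters" look like as detection input, as opposed to syslog: it aggregates flow records per destination and window and flags a destination whose packet count jumps far above its own history, and it turns periodic polls of a monotonic interface counter into byte rates (correcting for 32-bit counter wrap, which a naive subtraction gets wrong) and flags rate spikes. All flow records and counter samples are constructed for the example, and the whitespace-separated flow layout is an assumed simplification of a NetFlow/IPFIX export, not any collector's real schema.

```python
from collections import defaultdict
from statistics import median

# Constructed flow records in a simplified NetFlow/IPFIX-like text layout
# (an assumed format for this example, not any collector's real export):
#   <unix_ts> <src_ip> <dst_ip> <dst_port> <proto> <packets> <bytes>
# Two quiet minutes, then a UDP flood from several sources at 192.0.2.10.
SAMPLE_FLOWS = """\
1465754400 10.0.0.5 192.0.2.10 443 6 40 52000
1465754405 10.0.0.6 192.0.2.10 443 6 35 41000
1465754410 10.0.0.7 192.0.2.11 80 6 20 18000
1465754460 10.0.0.5 192.0.2.10 443 6 42 55000
1465754470 10.0.0.8 192.0.2.11 80 6 18 16000
1465754520 198.51.100.1 192.0.2.10 80 17 20000 1200000
1465754521 198.51.100.2 192.0.2.10 80 17 21000 1260000
1465754522 198.51.100.3 192.0.2.10 80 17 19500 1170000
1465754523 198.51.100.4 192.0.2.10 80 17 20500 1230000
1465754530 10.0.0.7 192.0.2.11 80 6 22 19000
"""

# Constructed SNMP-style polls (unix_ts, ifInOctets) of a 32-bit counter on
# a 1 Gbps interface, every 30 s: ~10 MB/s normally, then ~100 MB/s.
# The counter wraps twice; a naive subtraction would give negative deltas.
SAMPLE_COUNTER = [
    (1465754400, 4000000000),
    (1465754430, 5032704),
    (1465754460, 305032704),
    (1465754490, 605032704),
    (1465754520, 3605032704),
    (1465754550, 2310065408),
]

WINDOW = 60  # seconds per aggregation bucket


def parse_flows(text):
    """Parse the constructed flow layout into one dict per record."""
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, dport, proto, pkts, byts = line.split()
        flows.append({"ts": int(ts), "src": src, "dst": dst, "dport": int(dport),
                      "proto": int(proto), "packets": int(pkts), "bytes": int(byts)})
    return flows


def flows_per_destination(flows, window=WINDOW):
    """Aggregate per (window index, dst): packets, bytes, distinct sources."""
    buckets = defaultdict(lambda: {"packets": 0, "bytes": 0, "sources": set()})
    for f in flows:
        b = buckets[(f["ts"] // window, f["dst"])]
        b["packets"] += f["packets"]
        b["bytes"] += f["bytes"]
        b["sources"].add(f["src"])
    return buckets


def detect_flow_floods(flows, window=WINDOW, factor=10.0, min_packets=1000):
    """Flag a destination whose packet count in a window exceeds `factor` times
    the median of its earlier windows and an absolute floor (so tiny baselines
    do not alert on noise). Returns [(window_start_ts, dst, pps, n_sources)]."""
    buckets = flows_per_destination(flows, window)
    history = defaultdict(list)
    alerts = []
    for (w, dst) in sorted(buckets):  # chronological order per destination
        b = buckets[(w, dst)]
        prior = history[dst]
        if prior and b["packets"] >= min_packets and b["packets"] > factor * median(prior):
            alerts.append((w * window, dst, b["packets"] / window, len(b["sources"])))
        prior.append(b["packets"])  # median keeps the attack from polluting the baseline
    return alerts


def counter_rates(samples, wrap=2**32):
    """Turn monotonic counter polls into bytes/s, absorbing one wrap per interval.
    Poll faster than the counter can wrap, or use 64-bit HC counters."""
    rates = []
    for (t0, c0), (t1, c1) in zip(samples, samples[1:]):
        delta = (c1 - c0) % wrap  # modular subtraction handles the wrap
        rates.append((t1, delta / (t1 - t0)))
    return rates


def detect_counter_spikes(rates, factor=5.0):
    """Flag polls whose rate exceeds `factor` times the median of earlier polls.
    Returns [(ts, bytes_per_sec)]."""
    alerts, seen = [], []
    for ts, rate in rates:
        if seen and rate > factor * median(seen):
            alerts.append((ts, rate))
        seen.append(rate)
    return alerts


if __name__ == "__main__":
    for ts, dst, pps, srcs in detect_flow_floods(parse_flows(SAMPLE_FLOWS)):
        print(f"flow flood: {dst} at {ts}: {pps:.0f} pps from {srcs} sources")
    for ts, rate in detect_counter_spikes(counter_rates(SAMPLE_COUNTER)):
        print(f"counter spike at {ts}: {rate / 1e6:.0f} MB/s")
```

On the sample data the flow detector reports only 192.0.2.10 in the third window (1350 pps from four sources), and the counter detector reports the last two polls. The median baseline is deliberate: once the flood is in the history, a mean would be dragged up and later attack intervals would look normal. In a real deployment the records would come from a flow collector or an SNMP poller feeding Logstash, and the thresholds would be set from observed baselines per interface or prefix rather than the constants used here.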