North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Identifying DoS-attacked IP address(es) Sniffer

  • From: alex
  • Date: Mon Dec 16 19:40:09 2002

> 
> Even though you are asking this question with regard to what can
> be done on the router itself, it's worth mentioning, if only for
> the archives, a non-router approach to the problem...especially if
> you are an enterprise network manager. It's even worth
> mentioning despite the fact that I work for a company that provides
> said approach.

> 
> Some of our enterprise customers place distributed Sniffers on their 
> internet links themselves. Upon receiving an alert, they connect to the
> Sniffer
> and click on Top Ten talkers by bytes (presented in pie/bar chart).

[skip]

You want to put a box like this to analyze and dozen OC-12c(s)? I know that
the sales people for boxes like this right now are really hurting for
business but give us a break.

Alex