North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: DOS attack tracing
Quite decent suggestions On 5/10/05, Kim Onnel <[email protected]> wrote: > 3) Use flow-tools, ntop, Silktools and open-source Netflow collectors > & analyzers > 4) Apply Ingress/Egress Filtering : RFC 2827 , uRPF, Team cymru IOS template > 5) Monitor CPU/Netflow table size using SNMP > 6) Request a blackholing BGP community from your upsream provider. You start with #4, first of all. Then get #6. Then put #2 and #5 in place. After that, you get one or the other of these, if you can push through a budget for expensive kit. > 1) Get 'Cisco guard' , too expensive ? > 2) Get Arbor, Stealthflow, Esphion, too expensive ? --srs -- Suresh Ramasubramanian ([email protected])
|