North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: IDS/DDOS prevention hardware that doesnt cost $80,000+?

  • From: Kim Onnel
  • Date: Wed May 25 10:49:32 2005
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:references; b=b8zArUelDM8wej1P8R3VRsEr7yoXvloCZAPVU5M0jGBMVRhcsvXLkM3bgcksLWf3KhR3BUpX3nkf/d3mReEvtj4PccVBdyk8JE4qqOILra8MYh5iGdVEzJn8I7zDjVvZydRV9JNDLDjkj/g0NWJye4yOFITbw1xQ8I6D4RjhIqs=

Cisco routers and switches export network accounting information
you can write a software that reads these flows and report to you who is the Top Talker/DDoS
or you can get an open-source one (flow-tools, ntop,..)
or you can buy one (Arbor, lancope, crannog,...)



On 5/25/05, Drew Weaver <[email protected]> wrote:

            I'm wondering if there is such an animal out there? All of the ones I have seen are made for the multi-gigabit service provider there aren't any for the smaller mid-rangers out there. Can anyone suggest anything that we can put in place? The attacks we're seeing are just a huge influx of PPS not so much the amount of bandwidth.

 

Offlist to keep chatter low is fine with me.

 

Sorry to be a bother,

 

-D