|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: A useful oversimplification for network surveillance?
Howard, I'd most certainly use an IDS (i.e. SNORT) for this instead of netfow.... - ferg -- "Howard C. Berkowitz" <[email protected]> wrote: NetFlow is the key to analyzing traffic patterns outside the router, looking for DDoS signatures when known, and for traffic anomalies that may become DDoS. -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet [email protected] or [email protected] ferg's tech blog: http://fergdawg.blogspot.com/
|