[123825] in North American Network Operators' Group


Re: OBESEUS - A new type of DDOS protector

daemon@ATHENA.MIT.EDU (Dobbins, Roland)
Tue Mar 16 17:23:41 2010

From: "Dobbins, Roland" <rdobbins@arbor.net>
To: NANOG list <nanog@nanog.org>
Date: Tue, 16 Mar 2010 21:23:14 +0000
In-Reply-To: <BLU0-SMTP9936E874107349B2BEFFA9C82D0@phx.gbl>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org


On Mar 17, 2010, at 2:56 AM, Guillaume FORTAINE wrote:

> What about Argus ? [1]

Argus is OK, but I believe that it mainly relies upon packet capture - it does now support NetFlow v5, and v9 support as well as support for Juniper flow telemetry and others is supposed to be coming.

I've personally not played with Argus and NetFlow; nfdump/nfsen is a useful open-source NetFlow collection/analysis system.

> https://www.dpacket.org/

This is a Web forum focused on discussions regarding DPI, which is orthogonal to IDMS.

> Me and my partners are working on a Flow Based Security Awareness
> Framework for High-Speed Networks.
>
> http://docs.google.com/viewer?url=http://www.vabo.cz/spi/2009/presentations/03/02-celeda_rehak_CAMNEP_no_video.pdf
>
> For a demo :
>
> http://demo.cognitivesecurity.cz/

It's always good to see folks motivated to work on solutions they believe will benefit the community at large.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>

    Injustice is relatively easy to bear; what stings is justice.

                        -- H.L. Mencken




