[176230] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: DDOS, IDS, RTBH, and Rate limiting

daemon@ATHENA.MIT.EDU (Roland Dobbins)
Thu Nov 20 21:37:16 2014

X-Original-To: nanog@nanog.org
From: "Roland Dobbins" <rdobbins@arbor.net>
To: nanog@nanog.org
Date: Fri, 21 Nov 2014 09:37:01 +0700
In-Reply-To: <CAMY-7PqV8vdQu_M3=B2onVOdxnkz5taedVKTbXAj0Z+zgTGP_A@mail.gmail.com>
Errors-To: nanog-bounces@nanog.org

On 21 Nov 2014, at 9:19, Robert Duffy wrote:

> What open-source NetFlow analysis tools would you recommend for 
> quickly
> detecting a DDoS attack?

I generally recommend that folks get started with something like 
nfdump/nfsen or ntop.  There are other, more sophisticated tools out 
there, but these allow one to get up and running quickly, and to gain 
valuable operational experience with which to evaluate more 
sophisticated tools, if they're needed.

-----------------------------------
Roland Dobbins <rdobbins@arbor.net>


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[176230] in North American Network Operators' Group

Re: DDOS, IDS, RTBH, and Rate limiting

daemon@ATHENA.MIT.EDU (Roland Dobbins)Thu Nov 20 21:37:16 2014

daemon@ATHENA.MIT.EDU (Roland Dobbins)
Thu Nov 20 21:37:16 2014