[27606] in North American Network Operators' Group


DDoS: CAR vs TCP-Intercept vs NetFlow

daemon@ATHENA.MIT.EDU (Rubens Kuhl Jr.)
Mon Feb 28 20:55:44 2000

From: "Rubens Kuhl Jr." <rkuhljr@uol.com.br>
To: <nanog@merit.edu>
Date: Mon, 28 Feb 2000 22:53:41 -0300
Message-ID: <004c01bf8257$cdf16c20$5cf1e7c8@users.uol.com.br>



Has anyone performed an evaluation of rate-limiting SYN packets (CAR) versus
using TCP-Intercept? What responds better to a DDoS attack (assume
SYN-flooding only)? What uses more router resources?

For better performance of CAR or TCP-Intercept, should NetFlow switching (ip
route-cache flow) also be used, besides CEF?



Rubens Kuhl Jr.





