home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Date: Tue, 10 May 2005 14:35:08 +0530 From: Suresh Ramasubramanian <ops.lists@gmail.com> Reply-To: Suresh Ramasubramanian <ops.lists@gmail.com> To: Kim Onnel <karim.adel@gmail.com> Cc: Scott Weeks <surfer@mauigateway.com>, nanog@merit.edu In-Reply-To: <e05f3929050510011943858d7c@mail.gmail.com> Errors-To: owner-nanog@merit.edu Quite decent suggestions On 5/10/05, Kim Onnel <karim.adel@gmail.com> wrote: > 3) Use flow-tools, ntop, Silktools and open-source Netflow collectors > & analyzers > 4) Apply Ingress/Egress Filtering : RFC 2827 , uRPF, Team cymru IOS templ= ate > 5) Monitor CPU/Netflow table size using SNMP > 6) Request a blackholing BGP community from your upsream provider. You start with #4, first of all. Then get #6. Then put #2 and #5 in place= . After that, you get one or the other of these, if you can push through a budget for expensive kit. > 1) Get 'Cisco guard' , too expensive ? > 2) Get Arbor, Stealthflow, Esphion, too expensive ? --srs --=20 Suresh Ramasubramanian (ops.lists@gmail.com)
home | help | back | first | fref | pref | prev | next | nref | lref | last | post |