[81106] in North American Network Operators' Group
Re: IDS/DDOS prevention hardware that doesnt cost $80,000+?
daemon@ATHENA.MIT.EDU (Aaron Glenn)
Wed May 25 19:00:11 2005
Date: Wed, 25 May 2005 15:59:45 -0700
From: Aaron Glenn <aaron.glenn@gmail.com>
Reply-To: Aaron Glenn <aaron.glenn@gmail.com>
To: Per Gregers Bilse <bilse@networksignature.com>
Cc: Drew Weaver <drew.weaver@thenap.com>, nanog@merit.edu
In-Reply-To: <200505251922.j4PJM7w26858@spirit.qbfox.com>
Errors-To: owner-nanog@merit.edu
On 5/25/05, Per Gregers Bilse <bilse@networksignature.com> wrote:=20
> (snip)...which then deploy a unique and highly innovative
> method (patent pending) for identifying and filtering out the attack
> traffic, while letting bona fide traffic through unhindered. ...(snip)
well, that is the important part. there are plenty of off the shelf
tools that allow someone to gather and analyze pertinent network data;
the most important, and consequently most difficult, part is
differentiating the good from the bad. I'm not aware of any
free/open/cheap tools that go beyond the basic "your <insert metric
here> has exceeded the baseline" alert.
aaron.glenn
