[c-nsp] Open-source tools(Flow-tools,
Silktools..) for DDoS detection?
David J. Hughes
bambi at Hughes.com.au
Thu Mar 3 19:49:40 EST 2005
On 04/03/2005, at 5:17 AM, Chris Roberts wrote:
> I know you said not Arbor, but I'd second this opinion. I used Arbor
> at a
> medium-sized European ISP and it was fantastic at the job. Just in the
> trial
> period found a lot of smaller DoS attacks on our network that we
> didn't even
> know were there, and this was without a particular baseline. I think
> the
> development time you'd spend building something like (we tried building
> similar with cflowd et al) would outweigh the costs... This is always
> a moot
> point if you don't have the cash though I guess :-)
Another option on the commercial front is from Esphion in New Zealand
(www.esphion.com). I've been involved with deploying their products at
a large hosting provider in Australia and I've been very impressed with
the performance and reliability. It's now an integral part (if not the
corner stone) of our DOS mitigation procedure. Good bit of kit.
David
...
More information about the cisco-nsp
mailing list