[c-nsp] front-end box to protect wimpy Cisco router from DoS?
Ed Ravin
eravin at panix.com
Fri May 11 02:59:01 EDT 2007
I have an elderly 7200 NPE-225 box on my network that has no problem handling
normal traffic, but every now and then someone sends a DoS attack
in its general direction and the poor thing is unable to do anything
useful until we throttle the attack further upstream.
We don't have the spare cash to upgrade the 7200 into a more manly router.
One idea being passed around is to build a Linux box with IPCOP or some
similar software that will do rate-limiting and otherwise detect
nasty floods of packets and keep the 7200 from getting flooded.
Does anyone here have recommendations on an inexpensive hardware/software
solution for this purpose? We like free software, of course, but we'd
consider a reasonably priced commercial product if it could do the job.
Thanks,
-- Ed
More information about the cisco-nsp
mailing list