[c-nsp] DDoS Attack detection and elimination suggestions
Mikael Abrahamsson
swmike at swm.pp.se
Fri Apr 1 01:30:28 EDT 2011
On Thu, 31 Mar 2011, Lee Starnes wrote:
> I'm looking for pointers on how to best detect DDoS attacks and best
> practices for stopping one once identified.
If you define what is being attacked and how, and what you would like to
happen for it to be "stopped", you can probably get a better answer.
Stopping a DDOS against infrastructure (often a packets/second problem) is
one thing, trying to mitigate a DDOS SYN-flood against a web-server you
want to continue working is another thing.
--
Mikael Abrahamsson email: swmike at swm.pp.se
More information about the cisco-nsp
mailing list