[c-nsp] Stop IP Fragmentation attck

Mike mike-cisconsplist at tiedyenetworks.com
Tue Apr 26 14:17:29 EDT 2016


On 04/26/2016 10:54 AM, Roland Dobbins wrote:
>
>
> But you really aren't being smart about this.  Why not use S/RTBH on 
> your edge router to simply block the sources, since they aren't spoofed?
>
> Export NetFlow from your edge router to an open-source 
> collection/analysis system, so that you can see the sources.
>

On that point, do you have any recommendations for such a 
collection/analysis system that actually works and is comprehensible?
Thanks.



More information about the cisco-nsp mailing list