[c-nsp] Stop IP Fragmentation attck

Job Snijders job at instituut.net
Tue Apr 26 14:24:14 EDT 2016

On Tue, Apr 26, 2016 at 11:17:29AM -0700, Mike wrote:
> On 04/26/2016 10:54 AM, Roland Dobbins wrote:
> > But you really aren't being smart about this.  Why not use S/RTBH on
> > your edge router to simply block the sources, since they aren't spoofed?
> > 
> > Export NetFlow from your edge router to an open-source
> > collection/analysis system, so that you can see the sources.
> On that point, do you have any recommendations for such a
> collection/analysis system that actually works and is comprehensible?

FastNetMon: https://github.com/pavel-odintsov/fastnetmon

Here is a presentation about one deployment: https://www.youtube.com/watch?v=0ahdxp_btHY

Kind regards,


More information about the cisco-nsp mailing list