[c-nsp] Stop IP Fragmentation attck
Job Snijders
job at instituut.net
Tue Apr 26 14:24:14 EDT 2016
On Tue, Apr 26, 2016 at 11:17:29AM -0700, Mike wrote:
> On 04/26/2016 10:54 AM, Roland Dobbins wrote:
> > But you really aren't being smart about this. Why not use S/RTBH on
> > your edge router to simply block the sources, since they aren't spoofed?
> >
> > Export NetFlow from your edge router to an open-source
> > collection/analysis system, so that you can see the sources.
>
> On that point, do you have any recommendations for such a
> collection/analysis system that actually works and is comprehensible?
FastNetMon: https://github.com/pavel-odintsov/fastnetmon
Here is a presentation about one deployment: https://www.youtube.com/watch?v=0ahdxp_btHY
Kind regards,
Job
More information about the cisco-nsp
mailing list