[c-nsp] Stop IP Fragmentation attck

Job Snijders job at instituut.net
Tue Apr 26 15:13:18 EDT 2016

On Tue, Apr 26, 2016 at 08:04:23PM +0100, Howard Jones wrote:
> On 26/04/2016 19:24, Job Snijders wrote:
> > FastNetMon: https://github.com/pavel-odintsov/fastnetmon
> > Here is a presentation about one deployment: https://www.youtube.com/watch?v=0ahdxp_btHY
> > 
> > 
> Nice presentation! :-) Does your upstream transit care about you
> announcing and withdrawing every 57 seconds like that?

Speaking with my employers hat on: nope, an update per minute is
perfectly acceptable. If you'd do multiple per _second_, it might be
more reason for concern.

There are a few providers that support selective blackholing:


There could be others, I do not have a full overview.

Kind regards,


More information about the cisco-nsp mailing list