Security Basics mailing list archives

RE: Products detecting DDoS attacks
From: Dean Davis <Dean.Davis () mbg-inc com>
Date: Mon, 8 Dec 2003 14:08:32 -0500


If you're open to using Open-source, then you must consider one of the best
NIDSs, not to mention it's free, on the market: Snort. www.snort.org

You can salvage an outdated machine, arm it with 2 NICs, and place it in
stealth mode at your network's perimeter or nearby, to sniff the appropriate

Dean Davis, MCSE,MCDBA,CCNA,CNA,N+,Linux+
Sr. Network Engineer
MBG, Inc.
370 Lexington Avenue
New York, NY 10017
P. 212.822.4429
F. 212.822.4499

-----Original Message-----
From: Kip Sr. [mailto:kipsr1 () yahoo com] 
Sent: Monday, December 08, 2003 12:53 PM
To: security-basics () securityfocus com
Subject: Products detecting DDoS attacks

Hello All!

I am running a small web site and I am interested in
deploying software/hardware which can detect DDoS
attacks (SYN floods, application based attacks, etc)
on my perimeter network. I have been reading that some
products will do this... like Cisco Netflow, Arbor
networks, etc.. but I am not sure how effective these
products are.

Essentially, I am just looking for some good tools that
can quickly detect the source IP of zombie machines so
I can go back to my ISP and have them filter out the
traffic upstream.

Thanks in advance for your help!
Kip Sr.
