North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: A useful oversimplification for network surveillance?
Howard, I'd most certainly use an IDS (i.e. SNORT) for this instead of netfow.... - ferg -- "Howard C. Berkowitz" <firstname.lastname@example.org> wrote: NetFlow is the key to analyzing traffic patterns outside the router, looking for DDoS signatures when known, and for traffic anomalies that may become DDoS. -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet email@example.com or firstname.lastname@example.org ferg's tech blog: http://fergdawg.blogspot.com/