Well, I would recommend using an IDS and a span port on a switch. Snort (http://www.snort.org) is an opensource Intrusion detection system that ties into tools like syslog and swatch and can accurately report Intrusion and Denial of Service attempts allowing you then decide how to respond. These tools would generally rely on a unix system attached to a switch span port on the lan side of your router. -- Kevin > hi all > > anyone knows if there are any tools to detect DOS > attack on network other than turning on ip accounting > at the routers because ip accounting utilises very > much CPU resources on the router > > any inputs will be greatly appreciated > > regards > > suaveguru > > __________________________________________________ > Do You Yahoo!? > Make international calls for as low as $.04/minute with Yahoo! > Messenger http://phonecard.yahoo.com/ > Nondisclosure violations to [EMAIL PROTECTED] -------------------- http://www.siliconsamurai.net ----------------------------------------- This email was sent using SquirrelMail. "Webmail for nuts!" http://squirrelmail.org/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=16156&t=16156 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
