Dear Mister Dobbins,

Thank you for your reply.

Flow telemetry has demonstrated its extraordinary utility to network operators 
worldwide over the last decade, and continued advances such as Cisco's Flexible 
NetFlow and the IETF IPFIX/PSAMP effort signify that this is the broad 
consensus of the operational community.

What about Argus? [1]

http://qosient.com/argus/


Layer-7 attacks against various types of services/apps can achieve significant 
amplification effects and disproportionate impact, are increasing in frequency 
and impact, and therefore must be addressed by any operationally viable 
solution in this space.

https://www.dpacket.org/

I believe that an effective and operationally useful open-source solution for 
basic DDoS detection/classification/traceback/mitigation can be implemented 
using existing widely-used and -understood tools/techniques as described here:

<http://mailman.nanog.org/pipermail/nanog/2010-January/016747.html>

My partners and I are working on a Flow Based Security Awareness Framework for High-Speed Networks.

http://docs.google.com/viewer?url=http://www.vabo.cz/spi/2009/presentations/03/02-celeda_rehak_CAMNEP_no_video.pdf

For a demo:

http://demo.cognitivesecurity.cz/



I look forward to your answer,

Best Regards,

Guillaume FORTAINE

[1] https://tools.netsa.cert.org/wiki/download/attachments/10027010/Bullard_IntroductionToArgus.pdf?version=1&modificationDate=1263221338000
