Hello! Thank you! Please share your experience after tests!
On Wed, Jun 3, 2015 at 5:50 PM, Budiwijaya <bbuuddi...@gmail.com> wrote: > Yep, definitely i'll give this a trial run. > We are developing nullroute application internally. > I'll try to run this in our lab. > > On Wed, Jun 3, 2015 at 3:16 AM, Pavel Odintsov <pavel.odint...@gmail.com> > wrote: >> Hello, Nanog! >> >> I'm very pleased to present my open source DoS/DDoS attack monitoring >> toolkit here! >> >> We have spent about 10 months for development of FastNetMon and could >> present huge feature list now! :) >> >> Stop! What is FastNetMon? >> >> It's really very fast toolkit which could find attacked host in your >> network and block it (or redirect to filtering appliance) >> >> This solution could save your network and your sleep :) >> >> Our site located here: https://github.com/FastVPSEestiOu/fastnetmon >> >> We support following engines for traffic capture: >> - Netflow (v5, v9 and IPFIX) >> - sFLOW v5 >> - port mirror/SPAN (PF_RING and netmap supported) >> >> Also we have deep integration with ExaBGP (huge thanks to Thomas >> Mangin) for triggering blackhole on the Core Router or upstream. >> >> Since 1.0 version we have added support for following features: >> - Ability to detect most popular attack types: syn_flood, icmp_flood, >> udp_flood, ip_fragmentation_flood >> - Add support for Netmap for Linux (we have prepared special driver >> for ixgbe users: https://github.com/pavel-odintsov/ixgbe-linux-netmap) >> and FreeBSD. >> - Add support for PF_RING ZC (very fast but need license from ntop folks) >> - Add ability to collect netflow v9/IPFIX data from multiple devices >> with different templates set >> - Basic support for IPv6 (we could receive netflow data over IPv6) >> - Add plugin support for capture engines >> - Add support of L2TP decapsulation (important for DDoS attack >> detection inside tunnel) >> - Add ability to store attack details in Redis >> - Add Graphite/Grafana integration for traffic visualization >> - Add systemd unit file >> - Add ability to unblock host after some timeout >> - Introduce support of moving average for all counters >> - Add ExaBGP integration. We could announce attacked host with BGP to >> border router or uplink >> - Add so much details in attack report >> - Add ability to store attack fingerprint in file >> >> We have complete support for following platforms: >> - Fedora 21 >> - Debian 6, 7, 8 >> - CentOS 6, 7 >> - FreeBSD 9, 10, 11 >> - DragonflyBSD 4 >> - MacOS X 10.10 >> >> From network equipment side we have tested solution with: >> - Cisco ASR >> - Juniper MX >> - Extreme Summit >> - ipt_NETFLOW Linux >> >> We have binary packages for this operation systems: >> - CentOS 6: >> https://github.com/FastVPSEestiOu/fastnetmon/tree/master/packages/CentOS6 >> - CentOS 7: >> https://github.com/FastVPSEestiOu/fastnetmon/tree/master/packages/CentOS7 >> - Fedora 21: >> https://github.com/FastVPSEestiOu/fastnetmon/tree/master/packages/Fedora21 >> - FreeBSD: >> https://github.com/FastVPSEestiOu/fastnetmon/tree/master/src/FreeBSD_port >> >> For any other operation systems we recommend automatic installer >> script: >> https://github.com/FastVPSEestiOu/fastnetmon/blob/master/docs/INSTALL.md >> >> Please join to our mail list or ask about anything here >> https://groups.google.com/forum/#!forum/fastnetmon >> >> Thank you for your attention! >> >> -- >> Sincerely yours, Pavel Odintsov -- Sincerely yours, Pavel Odintsov