Re: [j-nsp] Best way to detect abnormal traffic without enabling security?

2012-09-08 Thread Mark Radabaugh
My suggestion would be a managed Ethernet switch on whichever side of the J2350 that you can put it with a SPAN port to dump traffic to Wireshark. It should be fairly easy to spot the offending traffic.

Mark

On 3/31/12 12:50 AM, Yucong Sun (叶雨飞) wrote:
> Hi, I am currently using a pair of

Re: [j-nsp] Best way to detect abnormal traffic without enabling security?

2012-09-08 Thread Tim Eberhard
Additionally Netflow/jflow sampling would provide a greater level of insight. Careful with the sampling rate however as you don't want to make the ddos worse... There are lots of free and paid products that will analyze jflow. Juniper sells a Q1 labs product they call STRM. It does a great

Re: [j-nsp] Best way to detect abnormal traffic without enabling security?

2012-04-03 Thread Per Granath
Netflow/jflow should be useful to you.
http://kb.juniper.net/InfoCenter/index?page=content&id=KB12512
Have a look at some free collectors that will analyze the output, or consider Juniper STRM if you are running firewalling on the box too.

> I am currently using a pair of J2350 exporting about

Re: [j-nsp] Best way to detect abnormal traffic without enabling security?

2012-04-03 Thread 叶雨飞
But jflow is not going to work in packet mode, right?

On Tue, Apr 3, 2012 at 12:15 AM, Per Granath per.gran...@gcc.com.cy wrote:
> Netflow/jflow should be useful to you.
> http://kb.juniper.net/InfoCenter/index?page=content&id=KB12512
> Have a look at some free collectors that will analyze the

Re: [j-nsp] Best way to detect abnormal traffic without enabling security?

2012-04-03 Thread Per Granath
I do not see why it would not work in packet mode. It works on the routing platforms (MX, etc.) that do not support flow mode.

> But jflow is not going to work in packet mode, right?
>
> On Tue, Apr 3, 2012 at 12:15 AM, Per Granath per.gran...@gcc.com.cy wrote:
>> Netflow/jflow should be useful to

Re: [j-nsp] Best way to detect abnormal traffic without enabling security?

2012-04-03 Thread Jonathan Lassoff
On Tue, Apr 3, 2012 at 12:20 AM, Yucong Sun (叶雨飞) sunyuc...@gmail.com wrote:
> But jflow is not going to work in packet mode, right?

Netflow-like reporting is probably the right way to detect these types of anomalies in a scalable manner. However, I can't speak to the performance of it on

[j-nsp] Best way to detect abnormal traffic without enabling security?

2012-03-30 Thread 叶雨飞
Hi, I am currently using a pair of J2350 exporting about 200+ /32 BGP routes to my peer, and I've been hit by DDoS several times. The hardest part for me is to figure out which IP was getting the DDoS and deactivate that route, which will de-announce that route to my peer. However I have no