[GTER] Fwd: FastNetMon 1.1.2 - open source solution for DoS/DDoS mitigation

Roberto Bertó roberto.berto at gmail.com
Fri Jun 5 17:05:34 -03 2015


How are you exporting to it?

2015-06-05 9:39 GMT-03:00 Guilherme de Freitas Figueiredo <gff at wkve.com.br>:

> I'm using it here, integrated with Graphite and Grafana, and it works very
> well; the hard part is finding an average of packets, Mbps and flows for it
> to be detected as an "attack".
>
>
> On Thu, Jun 4, 2015 at 15:04, Rubens Kuhl <rubensk at gmail.com>
> wrote:
>
> > Very interesting project...
> >
> >
> > Rubens
> >
> > ---------- Forwarded message ----------
> > From: Pavel Odintsov <pavel.odintsov at gmail.com>
> > Date: Tue, Jun 2, 2015 at 5:16 PM
> > Subject: FastNetMon 1.1.2 - open source solution for DoS/DDoS mitigation
> > To: "nanog at nanog.org" <nanog at nanog.org>
> >
> >
> > Hello, Nanog!
> >
> > I'm very pleased to present my open source DoS/DDoS attack monitoring
> > toolkit here!
> >
> > We have spent about 10 months on the development of FastNetMon and can
> > present a huge feature list now! :)
> >
> > Stop! What is FastNetMon?
> >
> > It's a really very fast toolkit which could find an attacked host in your
> > network and block it (or redirect it to a filtering appliance)
> >
> > This solution could save your network and your sleep :)
> >
> > Our site is located here: https://github.com/FastVPSEestiOu/fastnetmon
> >
> > We support the following engines for traffic capture:
> > - Netflow (v5, v9 and IPFIX)
> > - sFLOW v5
> > - port mirror/SPAN (PF_RING and netmap supported)
> >
> > Also we have deep integration with ExaBGP (huge thanks to Thomas
> > Mangin) for triggering blackhole on the Core Router or upstream.
> >
> > Since version 1.0 we have added support for the following features:
> > - Ability to detect the most popular attack types: syn_flood, icmp_flood,
> > udp_flood, ip_fragmentation_flood
> > - Add support for Netmap for Linux (we have prepared a special driver
> > for ixgbe users: https://github.com/pavel-odintsov/ixgbe-linux-netmap)
> > and FreeBSD.
> > - Add support for PF_RING ZC (very fast but needs a license from the ntop folks)
> > - Add ability to collect netflow v9/IPFIX data from multiple devices
> > with different templates set
> > - Basic support for IPv6 (we could receive netflow data over IPv6)
> > - Add plugin support for capture engines
> > - Add support for L2TP decapsulation (important for DDoS attack
> > detection inside a tunnel)
> > - Add ability to store attack details in Redis
> > - Add Graphite/Grafana integration for traffic visualization
> > - Add systemd unit file
> > - Add ability to unblock a host after some timeout
> > - Introduce support for moving average for all counters
> > - Add ExaBGP integration. We could announce an attacked host with BGP to
> > the border router or uplink
> > - Add so many details in the attack report
> > - Add ability to store the attack fingerprint in a file
> >
> > We have complete support for the following platforms:
> > - Fedora 21
> > - Debian 6, 7, 8
> > - CentOS 6, 7
> > - FreeBSD 9, 10, 11
> > - DragonflyBSD 4
> > - MacOS X 10.10
> >
> > On the network equipment side we have tested the solution with:
> > - Cisco ASR
> > - Juniper MX
> > - Extreme Summit
> > - ipt_NETFLOW Linux
> >
> > We have binary packages for these operating systems:
> > - CentOS 6: https://github.com/FastVPSEestiOu/fastnetmon/tree/master/packages/CentOS6
> > - CentOS 7: https://github.com/FastVPSEestiOu/fastnetmon/tree/master/packages/CentOS7
> > - Fedora 21: https://github.com/FastVPSEestiOu/fastnetmon/tree/master/packages/Fedora21
> > - FreeBSD: https://github.com/FastVPSEestiOu/fastnetmon/tree/master/src/FreeBSD_port
> >
> > For any other operating systems we recommend the automatic installer
> > script:
> > https://github.com/FastVPSEestiOu/fastnetmon/blob/master/docs/INSTALL.md
> >
> > Please join our mailing list or ask about anything here
> > https://groups.google.com/forum/#!forum/fastnetmon
> >
> > Thank you for your attention!
> >
> > --
> > Sincerely yours, Pavel Odintsov
> > --
> > gter list    https://eng.registro.br/mailman/listinfo/gter
> >
>
