Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

detecting and blocking DoS/DDoS attacks

  • From: Constantinos A. Kotsokalis
  • Date: Tue Mar 05 12:37:37 2002


Hello everyone,
I recently finished the latest beta release of a tool to detect (and possibly block) DoS/DDoS attacks. There are a few problems that I am trying to resolve, but all in all it seems to work. The tool is released under the GPL (i.e. it is free to use and modify the source code) and is available at:

http://prdownloads.sourceforge.net/panoptis/panoptis-0.1b4.tar.gz

Any contribution to the code, or functionality tests, will be of great value. Please note that the input is provided by Cisco routers exporting NetFlow data. At the moment, versions 1 and 5 have been tested. Support for version 8 is included, but not tested at all. The tool also allows for the creation of a detector mesh, in order to achieve trace-back in the case of spoofed IP addresses. Another thing to keep in mind is that it is written in C++ (so you will need a C++ compiler), it has been tested on Linux and it needs the GNU CommonC++ library (available at http://sourceforge.net/projects/cplusplus ).

Please understand that this is a beta release, so not everything might work as it should; However, enough testing will lead to a stable release which will help all of us get rid of script kiddies bringing our networks to their knees.

Thanks,
Costas

--
Constantinos A. Kotsokalis || ckotso@grnet.gr
Greek Research and Technology Network
Tel: +30 10 7474243 || Fax: +30 10 7474490





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.