[mrtg] Re: Network Bandwidth
james edwards
hackerwacker at cybermesa.com
Thu Jun 3 22:23:29 MEST 2004
> Deb,
>
> If your boss is looking for DOS attacks, those will be painfully obvious
on
> MRTG.
I would disagree. Most DDoS are high pps attacks with very small packets.
Looking at mb/sec will not show many attacks, they are only seen by looking
at flows/sec or packets/sec.
For this, MRTG/SNMP is the wrong tool. Routers fail under high packets/sec
attacks where the total bandwith is below interface limits. Routers foward
packets
not megs.
--
James H. Edwards
Routing and Security Administrator
At the Santa Fe Office: Internet at Cyber Mesa
jamesh at cybermesa.com
noc at cybermesa.com
(505) 795-7101
--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive http://www.ee.ethz.ch/~slist/mrtg
FAQ http://faq.mrtg.org Homepage http://www.mrtg.org
WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
More information about the mrtg
mailing list