Results 1 to 4 of 4

Thread: Network flood detection/protection

  1. #1
    Junior Member
    Join Date
    Sep 2001
    Posts
    18

    Question Network flood detection/protection

    I need a program that runs on our router(a linux box) that can watch all our four segments and send out an alert(eg. an email or something like that) if someone starts to flood the network with e.g. ping-flood,winnukes,syn-flood and so on.

    We have to use it on a party network, my company has specialized in delivering network for computerpartis.

    And we found that flooding attacks has come very populare so we need som protection.


    Mike

  2. #2
    hehbris
    Guest
    HAVE YOU CONSIDERED IPCHAINS YOU FOOL

  3. #3
    Senior Member
    Join Date
    Jul 2001
    Posts
    461
    hmm, not sure what kind of commercial tools are out there for your linux box, but... you might try Snort, it is an open souce Intrusion Detection system, that has rules you can set to only scan for floods of various types, if you want...

    Try...

    www.snort.org

    There are lots of different add on packages that people have created, for notification, storing alerts/packets in databases, etc, etc... snort can be pretty resource hungry, but if you are only looking for floods, then the number of rules it works with is very low, so resources might not be an issue for you..

  4. #4
    Junior Member
    Join Date
    Sep 2001
    Posts
    18

    !

    hehbris>Im talking nice to you, then i except you to do the same

    IchNiSan> i will check out snort


    But i dont need a filter, i need a program that can "sniff" the network. If i use ip-chains i cant prevent network flooding. I can prevent the net-flood from crossing the routers but thats dont what i need.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •