Hello, FreeBSD Community!
I would like to announce our tool for DDoS detection, in case you missed the news about the new port!
First of all, I would like to say thank you to our maintainer Babak Farrokhi for adding FastNetMon into FreeBSD's ports: https://www.freshports.org/net-mgmt/fastnetmon/
We have support for a wide range of protocols:
And we offer a number of very nice options:
- Complete BGP Flow Spec support, RFC 5575
- Process and distinguish incoming and/or outgoing traffic
- Trigger block/notify script if an IP exceeds defined thresholds for packets/bytes/flows per second
- Thresholds can be configured per-subnet with the hostgroups feature
- Announce blocked IPs via BGP to routers with ExaBGP
- GoBGP integration for unicast IPv4 announcements (you need to build support manually)
- Full integration with Graphite and InfluxDB
- API (you need to build support manually)
- Redis integration
- MongoDB integration
- Deep packet inspection for attack traffic
- netmap support (open source; wire speed processing; only Intel hardware NICs or any hypervisor VM type)
- Filter NetFlow v5 flows or sFlow packets with Lua scripts (useful for excluding particular ports)
- Supports L2TP decapsulation, VLAN untagging and MPLS processing in mirror mode
- Works on server/soft-router
- Detects DoS/DDoS in as little as 1-2 seconds
- Tested up to 10Gb with 12 Mpps on Intel i7 3820 with Intel NIC 82599
- Complete plugin support
- Captures attack fingerprints in PCAP format
- Complete support for most popular attack types
I will follow this thread, and you can ask any questions related to FastNetMon here!