Once I noticed the following warnings in the Juniper MX204 logs:
Continue reading “Warning: Host-bound traffic for protocol/exception DHCPv4:bad-packets exceeded its allowed bandwidth”Tag Archives: DDoS
Juniper. Configuring RPF in Dynamic Profiles
For example, I will configure unicast RPF (reverse-path forwarding) on Juniper MX204.
RPF allows you to reduce the impact of DOS-type attacks on IPv4 and IPv6 interfaces.
Messages net_ratelimit: X callbacks suppressed
Once I found the following messages in the dmesg log:
Continue reading “Messages net_ratelimit: X callbacks suppressed”High CPU load on Cisco Nexus 3064
Once I discovered on the graphs a large burst of Multicast packets on one of the ports of the Cisco Nexus 3064 switch, while the CPU load increased to 30%, before that it was 12% with L2 traffic of 13 Gbit/s.
Continue reading “High CPU load on Cisco Nexus 3064”Description of DNS Amplification Attacks
In this article, I will briefly describe the principle of DDoS DNS Amplification attacks.
Continue reading “Description of DNS Amplification Attacks”Boost UDP Transaction Performance
File Format: PDF
File size: 3 Mb
Author: Toshiaki Makita
NTT Open Source Software Center
Installing FastNetMon
FastNetMon – DDoS attacks detector, allows you to detect attacks and block them, for example using the BGP Flow spec, displays information in the form of graphs.
Continue reading “Installing FastNetMon”How to detect DDOS attacks
I will give examples of viewing the number of active compounds:
Continue reading “How to detect DDOS attacks”The script against DDOS attacks
I will give an example of a simple script against DDOS attacks for NAT servers.
The script is executed when the total number of “conntrack” connections is more than 500000, it saves to the text file the IP address which has the most “conntrack” connections, who has more than 10,000 – adds to the ipset list.