> Deb, > > If your boss is looking for DOS attacks, those will be painfully obvious on > MRTG.
I would disagree. Most DDoS are high pps attacks with very small packets. Looking at mb/sec will not show many attacks, they are only seen by looking at flows/sec or packets/sec. For this, MRTG/SNMP is the wrong tool. Routers fail under high packets/sec attacks where the total bandwith is below interface limits. Routers foward packets not megs. -- James H. Edwards Routing and Security Administrator At the Santa Fe Office: Internet at Cyber Mesa [EMAIL PROTECTED] [EMAIL PROTECTED] (505) 795-7101 -- Unsubscribe mailto:[EMAIL PROTECTED] Archive http://www.ee.ethz.ch/~slist/mrtg FAQ http://faq.mrtg.org Homepage http://www.mrtg.org WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
