not as is, you will need to write small plugin that will extract IP from alert and inject it to RTBH like system (eg OpenBSD + OpenBGPD + database + http://packetlife.net/blog/2009/jul/6/remotely-triggered-black-hole-rtbh-routing/)
-- Vitaly Nikolaev On Oct 1, 2013, at 9:50 AM, Aaron <aar...@gvtc.com> wrote: > We like our nfsen machine. We are currently seeing nfsen alerts in emails > from thresholds we’ve set to detect (d)dos attack in our network. Is it > possible to take the ip address under attack and then have the nfsen linux > machine advertise a route into my network that is received by my internet > boundary routers in order to blackhole (null route) that ddos traffic so it > does not flow through my network ? > ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60134791&iu=/4140/ostg.clktrk _______________________________________________ Nfsen-discuss mailing list Nfsen-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
