While looking into pmacct to monitor our Internet edge, we are also testing is we can detect malicious activity, primarily DDoS traffic. With the current aggregators we can gather most of the required data but the one thing really missing is IP fragmentation.

I noticed there is already extensive defragmentation code so it might not be that hard to add. I'm happy to give it a try but I wanted to make sure that I'm not overlooking something and support is already there.

- Hidde

pmacct-discussion mailing list

Reply via email to