Mastodawn

A project by a chinese team without mentioning AI once. Great. Extensing #Flowspec to distribute filtering rules based on the content of the packet not just the headers. Implemented on OpenBGPD and FRRouting.

#IETF125

Gaël Reyrol Mar 6, 2023

#DDoS detection and remediation with #Akvorado and #Flowspec - https://vincent.bernat.ch/en/blog/2023-akvorado-ddos-flowspec by @vbernat #dailylinks

DDoS detection and remediation with Akvorado and Flowspec

Build a DDoS mitigation system from the data collected by Akvorado by using Flowspec rules.

Stéphane Bortzmeyer Sep 28, 2021

RFC 9117: Revised Validation Procedure for BGP Flow Specifications

On peut utiliser #BGP pour diffuser des règles de filtrage (dites « #FlowSpec ») aux routeurs. On voit facilement qu'une annonce de règles de filtrage maladroite ou malveillante pourrait faire bien des dégâts, d'où l'importance de valider ces annonces. Mais les règles de validation étaient trop strictes et ce nouveau #RFC les adoucit légèrement.

https://www.bortzmeyer.org/9117.html

Blog Stéphane Bortzmeyer: RFC 9117: Revised Validation Procedure for BGP Flow Specifications

Show thread

Stéphane Bortzmeyer Jan 1, 2021

Et #FlowSpec marche désormais en #IPv6 !

RFC 8956: Dissemination of Flow Specification Rules for IPv6

https://www.bortzmeyer.org/8956.html

DDoS detection and remediation with Akvorado and Flowspec

Blog Stéphane Bortzmeyer: RFC 9117: Revised Validation Procedure for BGP Flow Specifications

Blog Stéphane Bortzmeyer: RFC 8956: Dissemination of Flow Specification Rules for IPv6