Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | |||
| en:dpi:dpi_options:use_cases:dpi_bestpractice_ddos_find_activity [2026/02/14 15:37] – ↷ Page moved from en:dpi:dpi_options:use_cases:dpi_bestpractice_ddos_find_activity:dpi_bestpractice_ddos_find_activity to en:dpi:dpi_options:use_cases:dpi_bestpractice_ddos_find_activity elena.krasnobryzh | en:dpi:dpi_options:use_cases:dpi_bestpractice_ddos_find_activity [2026/04/14 15:57] (current) – elena.krasnobryzh | ||
|---|---|---|---|
| Line 4: | Line 4: | ||
| Initial conditions: 10Gbit channel, periodic powerful DDoS attack to one of the network ip-address takes place which leads to service degradation. | Initial conditions: 10Gbit channel, periodic powerful DDoS attack to one of the network ip-address takes place which leads to service degradation. | ||
| The DDoS attack diagram is shown below, it shows that the DDoS attack power with the current traffic power in total exceeds the channel capacity. | The DDoS attack diagram is shown below, it shows that the DDoS attack power with the current traffic power in total exceeds the channel capacity. | ||
| - | {{ : | + | {{ : |
| ===== Solution ===== | ===== Solution ===== | ||
| Since it's impossible to quickly expand the channel capacity and increase the DPI power, pursue the following sequence of actions: | Since it's impossible to quickly expand the channel capacity and increase the DPI power, pursue the following sequence of actions: | ||
| Line 203: | Line 203: | ||
| http://< | http://< | ||
| </ | </ | ||
| - | {{ : | + | {{ : |
| ==== So what does that leave us? ==== | ==== So what does that leave us? ==== | ||
| It is interesting to understand if there is a possibility simply to block an ip from the outside? Or there present a couple of dozen? \\ | It is interesting to understand if there is a possibility simply to block an ip from the outside? Or there present a couple of dozen? \\ | ||