8266f01d50
Add simple build tests using github workflows. This is initial commit, and i suggest to inspect if all dependencies installed. Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com> |
||
---|---|---|
.circleci | ||
.github | ||
docs/images | ||
src | ||
tests | ||
.gitignore | ||
.gitmodules | ||
LICENSE | ||
README.md | ||
SECURITY.md | ||
THANKS.md |
Community Edition
FastNetMon - A high-performance DDoS detector/sensor built on top of multiple packet capture engines: NetFlow, IPFIX, sFlow, AF_PACKET (port mirror).
What do we do?
We detect hosts in the deployed network sending or receiving large volumes of traffic, packets/bytes/flows per second and perform a configurable action to handle that event. These configurable actions include notifying you, calling script or making BGP announcements.
Project
🌏️ Official site
⭐️ FastNetMon Advanced, Commercial Edition
🌟️ FastNetMon Advanced, free one-month trial
📜️ FastNetMon Advanced and Community difference table
📘️ Detailed reference
Legal
📖 FastNetMon Community Edition Terms and Conditions
🔏️ FastNetMon Community Edition Privacy Notice
FastNetMon is a product of FastNetMon LTD, UK. FastNetMon ® is a registered trademark in the UK and EU.
By installing or using this software, you confirm that you have read and agree to the FastNetMon Community Edition T&Cs and Privacy Notice, which will apply to your installation and use of the software
Installation
Supported packet capture engines
- NetFlow v5, v9, v9 Lite
- IPFIX
- v5
- PCAP
- AF_PACKET (recommended)
- AF_XDP (XDP based capture)
- Netmap (deprecated, still supported only for FreeBSD)
- PF_RING / PF_RING ZC (deprecated, available only for CentOS 6 in 1.2.0)
You can check out the comparison table for all available packet capture engines.
Features
- Detects DoS/DDoS in as little as 1-2 seconds
- Scales up to terabits on single server (sFlow, Netflow, IPFIX) or to 40G + in mirror mode
- Trigger block/notify script if an IP exceeds defined thresholds for packets/bytes/flows per second
- Thresholds can be configured per-subnet basis with the hostgroups feature
- Email notifications about detected attack
- Complete IPv6 support
- Prometheus support: system metrics and total traffic counters
- Flow and packet export to Kafka in JSON and Protobuf format
- Announce blocked IPs via BGP to routers with ExaBGP or GoBGP (recommended)
- Full integration with InfluxDB and Graphite
- API
- Redis integration
- MongoDB protocol support compatible with native MongoDB and FerretDB
- VLAN untagging in mirror and sFlow modes
- Capture attack fingerprints in PCAP format
We track multiple platform and environment-specific metrics to understand ways how our product is being used and prioritise development accordingly.
Official support groups:
- Mailing list
- Slack
- IRC: #fastnetmon at irc.libera.chat:6697 (TLS) web client
- Telegram: fastnetmon
- Discord: fastnetmon