mirror of
https://github.com/pavel-odintsov/fastnetmon
synced 2024-09-26 18:01:01 +02:00
432 B
432 B
We could detect really any attack targeted to channel overflow
But for very popular attack types we prepared algorithm which could give name for every attack of following type:
- syn_flood: TCP packets with enabled SYN flag
- udp_flood: flood with UDP packets (so recently in result of amplification)
- icmp flood: flood with ICMP packets
- ip_fragmentation_flood: IP packets with MF flag set or with non zero fragment offset