7Ara
How to test DOS attacks through Router?
One of my clients has been told by their ISP that a DoS attack has happened and they have provided the logs of Juniper router. What is the criteria in routers on which we can confirm DoS attack is happening/occurred?
Any article or data to show some light on finding attacks through routers? Log basically says:
Nov 5 12:24:42 RT_FLOW: RT_FLOW_SESSION_CLOSE: session closed unset:
209.95.32.62/20443->xx.xx.xx.xx/50544 None
209.95.32.62/20443->xx.xx.xx.xx/50544 None
None 17 1000 Trust Trust 336106 0(0) 0(0) 1 UNKNOWN UNKNOWN N/A(N/A) ge-2/0/21.0
