FastNetMon is a very high performance DDoS detector built on top of multiple packet capture engines: NetFlow, IPFIX, sFlow and SPAN/port mirror.
It could detect malicious traffic in your network and immediately block it with BGP blackhole or BGP flow spec rules.
It has solid support for all top network vendors and has unlimited scalability due to flexible design.
You could integrate FastNetMon into any existing network without any changes and additional hardware!
Based on our record, MASSCAN should be more popular than FastNetMon. It has been mentiond 27 times since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
Can I get banned for mass scanning with https://github.com/robertdavidgraham/masscan or does it slow down any other vms from other persons? Source: about 1 year ago
Nope, this doesn't work any more. Shodan checks all ports (so any attackers using data from Shodan already know which ports you have open), and tools like masscan (https://github.com/robertdavidgraham/masscan) let you portscan the entire IPv4 address space in less than 10 minutes. Source: about 1 year ago
The discord user at the time used the tool "Masscan" to scan every 25565 port on the internet, he claims he was able to get the entire internet scanned in just a few minutes with a 512MB buyvm slice. Source: about 1 year ago
Changing the default port does nothing for security. It only prevents some basic brute force or default password scripts. Anyone is able to scan for it in no time anyway (https://github.com/robertdavidgraham/masscan). Source: about 1 year ago
But it should blow away the far-too-common belief that no-one's after you because you're not interesting enough. IPv4 is smaller than we think. It is not difficult to scan the entire ipv4 space in minutes. And every single one of those is going to knock your door on the way past. Source: about 1 year ago
If you have a BGP peering with you ISP/upstream provider, ask them if they have a blackhole community you can broadcast to. Usually they are ASN:666. The only downside is you would only be able to advertise your IP address to that, essentially killing your internet (if that's your only IP) as long as the block is up. We usually set our filter to 15 minutes and most attackers give up after that. At this level, you... Source: about 1 year ago
Have you looked at fastnetmon ? It's freemium and It looks like the commercial version would work you, but I think the community edition is aslo worth a look. It's primary function is to detect DDOS attacks, but it can export data in ways that might be useful to you. Source: about 2 years ago
To mitigate DoS attacks means you need information - preferably before the users start screaming. Running sampling on your edge router with something like Fastnetmon will give you alerting of a probable DDoS attack before it becomes a significant problem. Source: almost 3 years ago
Nmap - Nmap Free Security Scanner, Port Scanner, & Network Exploration Tool. Download open source software for Linux, Windows, UNIX, FreeBSD, etc.
NetVizura NetFlow Analyzer - NetFlow Analyzer is a solution for bandwidth monitoring and traffic analysis. It helps with traffic investigation, analysis and reporting
Advanced IP Scanner - Advanced IP Scanner shows all network devices, gives you access to shared folders, and can even remotely switch computers off. Download it Free.
Andrisoft WanGuard - DDoS protection software solution for networks. Attacks detected by NetFlow,NetStream,sFlow,jFlow,IPFIX,Port Mirroring and mitigated with firewall filters
Angry IP Scanner - Open-source and cross-platform network scanner designed to be fast and simple to use
Arbor - Easily manage product development