Fat-Loud-Blokes-World-Of-Wierd

Security isn't thin

ITS LARGE

LOUD AND

FAT

<--------------On the job!!!!!!!

OBESEUS - A new type of DDOS protector

This is the OBESEUS page - A DDOS detector and divertor designed to be simple

Design Documentation
This covers

What is a DOS attack
What is a DDOS attack
How DDOS attack detectors work
How is Obeseus different
What is the future roadmap

OBESEUS SOURCE

Source
Signatures
Makefiles

OBESEUS SOURCE v7-1a
This version was inspired by the guys from Team Cymru back in 2010 who bought me a nice chinese meal. They said they were publicising free-to-use tools that could be used by ISPs in the developing nations and that it might result in low-cost migators for lower bandwidths. Hence a further release of the non-FPGA Intel only version written in "c" with PCAP and BPF.
Some how it never got released fully (for 2 years) - although It was used for a while by a couple of ISPs in the US (e.g. Server Origins with their EthProxy - now no more ) and a couple in South America.
It detects TCP flood (SYN /RST), Fragment Floods, raw ICMP/TCP/UDP, reflected (DNS / SMURF) and BOGON misuse. It also detects application mis-use in HTTP and UDP.
This was updated in July 2010 based on comments by several ISPs in Brazil, US and several other locations who used it to protect their network and seemed to think quite highly of it. In this release OBESEUS was made completely configurable and parameter driven. It was never intended to not release it publicly in some form or other --- it slipped my mind
Anyway - I remembered that this improved version had never been publicly released so here it is -- 3 years later

Performance
How OBESEUS Performs

[Back 2 LFB]


	Design Documentation	This covers What is a DOS attack What is a DDOS attack How DDOS attack detectors work How is Obeseus different What is the future roadmap
	OBESEUS SOURCE	Source Signatures Makefiles
	OBESEUS SOURCE v7-1a	This version was inspired by the guys from Team Cymru back in 2010 who bought me a nice chinese meal. They said they were publicising free-to-use tools that could be used by ISPs in the developing nations and that it might result in low-cost migators for lower bandwidths. Hence a further release of the non-FPGA Intel only version written in "c" with PCAP and BPF. Some how it never got released fully (for 2 years) - although It was used for a while by a couple of ISPs in the US (e.g. Server Origins with their EthProxy - now no more ) and a couple in South America. It detects TCP flood (SYN /RST), Fragment Floods, raw ICMP/TCP/UDP, reflected (DNS / SMURF) and BOGON misuse. It also detects application mis-use in HTTP and UDP. This was updated in July 2010 based on comments by several ISPs in Brazil, US and several other locations who used it to protect their network and seemed to think quite highly of it. In this release OBESEUS was made completely configurable and parameter driven. It was never intended to not release it publicly in some form or other --- it slipped my mind Anyway - I remembered that this improved version had never been publicly released so here it is -- 3 years later
	Performance	How OBESEUS Performs
	[Back 2 LFB]