Hi, recently we have experienced problems with denial-of-service attacks. Although we have good protection and a good hardware firewall configuration.
The problem is that the attacks affect services on the same node, what would be the best solution so that when a ddos/dos attack passes through the protection and reaches the destination server it does not affect other servers overloading the bandwidth of the entire node?
Is it also possible to generate a pcap automatically when a large amount of incoming traffic is detected?
The problem is that the attacks affect services on the same node, what would be the best solution so that when a ddos/dos attack passes through the protection and reaches the destination server it does not affect other servers overloading the bandwidth of the entire node?
Is it also possible to generate a pcap automatically when a large amount of incoming traffic is detected?