We could detect attacks targeted to channel overflow

We have complete support for following attack types:

  • syn_flood: TCP packets with enabled SYN flag
  • udp_flood: flood with UDP packets (so recently in result of amplification)
  • icmp flood: flood with ICMP packets
  • ip_fragmentation_flood: IP packets with MF flag set or with non zero fragment offset
  • DNS amplification
  • NTP amplification
  • SSDP amplification
  • SNMP amplification