Using CAR to Rate-Limit or Drop Excessive Malicious Traffic
CAR can be used to rate-limit suspected malicious traffic. There are two main scenarios in which it can be used:
Rate-limiting DoS attacks
Rate-limiting suspected malicious content
DoS attacks are often conducted using traffic that would have been legitimate if not sent in such excessive quantities so as to overwhelm the intended host and also consume significant amounts of network bandwidth. Often it is very difficult to differentiate the malicious from the non-malicious traffic during these types of attacks. CAR is an ideal mechanism for controlling these types of traffic, where it is difficult to differentiate legal from illegal traffic.
CAR can also be used to drop or limit traffic ...
Get Network Security Principles and Practices now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.