Internal vulnerability hosts scan to prevent DDOS
Dear members, We are a small tier-2 isp and we would like to monitor any potentials risks at our customers ip (we do not want that our AS could be used as a source for DDOS). One of many measures is to scan, on a regular basis, all our IP (PI and PA) to detect any misconfigured customers hosts which could be used for DDOS. The scan should be able to detect misconfigured ddns resolver, ntp server, ssdp host, etc...and any future cool reflection protocol. If any misconfigured hosts is detected, an alarm should raise on an dashboard, and an email send to the customers contact (RIR info), and to our noc. Radar from qrator provide a similar service via email, but we need our own server/VM, with customizables features (like email in differents languages, recall management, acknowledgement request, history (some customers do not take any actions when we inform them, so we would like to have history to put pressure on them)). Does anybody have a solution for that ? Thank in advance for your input. Best regards, -- Marcel
participants (1)
-
marcel.duregardsļ¼ yahoo.fr