About Source IP Mitigation in FastNetMon Advanced

17 views
Skip to first unread message

Krish Mavani

unread,
Jun 26, 2026, 5:30:10 AMJun 26
to FastNetMon user group
We are currently using FastnetMon Advanced as DDoS mitigation for our solution.
Fastnetmon primarily mitigates attacks by announcing the host IP via BGP/Flowspec or blackholing(RTBH), notify scripts and eBPF/XDP  depending on the deployment.

This effectively protects the infrastructure, it also means the protected service becomes unavailable to legitimate users during the attack.

Is there a recommended way in FastNetMon Advanced to mitigate attacks by blocking or filtering the attacker (source) IPs instead of the destination (host) IP?

If Yes, then what is the recommended approach? Are people integrating it with XDP/eBPF, nftables, ipset, or other firewall mechanisms?

I'd be interested in understanding how this is typically handled in production deployments and what the recommended architecture is.

Thanks.

Pavel Odintsov

unread,
Jun 26, 2026, 5:58:04 AMJun 26
to Krish Mavani, FastNetMon user group
Hello!

You can find more information about source based detection here: https://fastnetmon.com/docs-fnm-advanced/automatic-blocks-for-remote-attackers/

--
Follow us on social media: Twitter: https://twitter.com/fastnetmon | Facebook: https://www.facebook.com/fastnetmon/ | LinkedIn: https://www.linkedin.com/company/fastnetmon/
---
You received this message because you are subscribed to the Google Groups "FastNetMon user group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fastnetmon+...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/fastnetmon/4bf596d8-4ec5-4a1b-94db-46ee19221d83n%40googlegroups.com.


--

___________

Kind regards,

Pavel Odintsov

Founder, FastNetMon LTD

fastnetmon.com


Reply all
Reply to author
Forward
0 new messages