[j-nsp] Juiper denial of service attacks...
Tom (UnitedLayer)
tom at unitedlayer.com
Sat Jan 10 19:31:29 EST 2004
On Sat, 10 Jan 2004 sthaug at nethelp.no wrote:
> It does packet filtering and policing in hardware, but traffic to the
> interface addresses on the box get handled by the MSFC2. So you need to
> limit/block (as appropriate) traffic to the interface addresses, this is
> *not* done automatically.
I was under the impression that you needed the Sup720 to have it handled
in HW. I'm not
> At my previous employer we saw DoS attacks of much more than 120 kpps
> fairly regularly, and the 6509s handled it with no sweat.
I sure wish someone would tell this particular transit provider of mine
how to do that then :) They have a lot of their network built with J
boxes, but at this one problem pop, they have a 6509...
More information about the juniper-nsp
mailing list