[j-nsp] Juiper denial of service attacks...

Christopher Morrow morrowc at ops-netman.net
Sun Jan 11 02:41:04 EST 2004


On Jan 11, 2004, at 6:42 AM, Alex Rubenstein wrote:

>
>
> On Sun, 11 Jan 2004, Christopher Morrow wrote:
>
>>> The GSR's are ok, but frankly an M5 blows it out of the water.
>>> You can barely filter on a GSR...
>>>
>>
>> This does depend highly on IOS revision, linecard revision, features
>> currently in use...
>
>
> AHA! Are you saying that comparing GSR and the associated technology of
> when it came out 5 years ago (old 12.0, engine-0) with an M5 is not a
> reasonable comparison?
>
Sure... you could say that, though 5 years ago was there a oc-12 card 
availble for the GSR? or just oc3? Stable 12.0 release then?

The E0 cards will filter 'fine' with 12.0 and oc3 or oc12 ATM cards 
seem to fitler 'ok', not to the detail of an M5, but that wasn't out 5 
years ago either...

Apples != Oranges, but Alex already knew that I suspect. My point was 
just that if you see a M5 today and a 'current' 12000 platform with 
'current' cards you can make  a fairly close comparison for this space 
(dos attack filtering)...

-Chris



More information about the juniper-nsp mailing list