[j-nsp] SSH attack
Chuck Anderson
cra at WPI.EDU
Wed Feb 20 18:18:56 EST 2008
On Wed, Feb 20, 2008 at 04:15:04PM -0400, Ying Zhang wrote:
> Hello, all,
>
> On our Juniper router, we constantly see people trying to connect
> through SSH. I've tried everything I can find to eliminate it. The
> following is what I've done so far. Just wondering if there is a
> better way to stop it on the router (we do block port ssh on every
> link). Thanks in advance.
Instead of blocking SSH on every link, block it on lo0. Firewall
filters applied to the lo0 interface are applied to the Routing Engine
itself. Be careful if you apply filters here--be sure to allow any
routing protocols into the Routing Engine, or they will break.
More information about the juniper-nsp
mailing list