[j-nsp] SSH attack

Chuck Anderson cra at WPI.EDU
Wed Feb 20 18:18:56 EST 2008


On Wed, Feb 20, 2008 at 04:15:04PM -0400, Ying Zhang wrote:
> Hello, all,
> 
> On our Juniper router, we constantly see people trying to connect 
> through SSH. I've tried everything I can find to eliminate it. The 
> following is what I've done so far. Just wondering if there is a 
> better way to stop it on the router (we do block port ssh on every 
> link). Thanks in advance.

Instead of blocking SSH on every link, block it on lo0.  Firewall 
filters applied to the lo0 interface are applied to the Routing Engine 
itself.  Be careful if you apply filters here--be sure to allow any 
routing protocols into the Routing Engine, or they will break.


More information about the juniper-nsp mailing list