[j-nsp] Changing SSH port on EX switches, M routers

Stefan Fouant sfouant at shortestpathfirst.net
Sun Apr 3 20:24:55 EDT 2011


> -----Original Message-----
> From: Chris Kawchuk [mailto:juniperdude at gmail.com]
> Sent: Sunday, April 03, 2011 5:41 PM
> To: Jesus Alvarez
> Cc: juniper-nsp; Stefan Fouant
> Subject: Re: [j-nsp] Changing SSH port on EX switches, M routers
> 
> Ok, it may appear that I was advocating "security by obscurity", hence
> here's an example of a 'correct' way of doing things: =)
> 
> policy-options {
>     /* Put your known IPs here to allow them through */
>     prefix-list management-ips {
>         1.2.3.4/32;
>         2.3.4.5/32;
>         3.4.5.6/32;
>     }
> }

Thanks for inclusion of the inbound-prefix ACLs for completeness of the
discussion.

For the record, the comment wasn't directed at you, but rather the direction
of the thread.

Stefan Fouant, CISSP, JNCIEx2
www.shortestpathfirst.net
GPG Key ID: 0xB4C956EC



More information about the juniper-nsp mailing list