[j-nsp] mitigating dos attack on Juniper M10i

Stefan Fouant sfouant at shortestpathfirst.net
Tue Apr 5 12:44:56 EDT 2011


> -----Original Message-----
> From: Giuliano Medalha [mailto:giuliano at wztech.com.br]
> Sent: Tuesday, April 05, 2011 11:53 AM
> To: Stefan Fouant
> Cc: kwarteng; Jonas Frey (Probe Networks); juniper-nsp at puck.nether.net
> Subject: Re: [j-nsp] mitigating dos attack on Juniper M10i
> 
> You can create a RE filter to protect the control plane (apply it input
> in lo0):

He never said he needed to protect his control plane, although that would certainly be of benefit.  But from what I gather here he is trying to determine the IP address of a host under attack in his environment.  Control plane filters will never assist here.

Stefan Fouant, CISSP, JNCIEx2
www.shortestpathfirst.net
GPG Key ID: 0xB4C956EC




More information about the juniper-nsp mailing list