[j-nsp] Methods of protecting Junos boxes from users...

Doug Hanks dhanks at juniper.net
Mon May 23 23:05:12 EDT 2011


The SRX has dual-root partitions to try and avoid this.  What tends to cause it the most is /var/log being written to a lot.  Do you have traceoptions turned on or have excessive syslogging being written to a file?


Doug



-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of OBrien, Will
Sent: Monday, May 23, 2011 7:40 PM
To: juniper-nsp at puck.nether.net
Subject: [j-nsp] Methods of protecting Junos boxes from users...

During a maintenance window one of my co-workers had to go swap out a juniper SRX100.
Upon inspection, the file system had been corrupted so much that it wouldn't boot any more.

We suspect that the issue was due to the end users physically power cycling the device multiple times trying to 'fix it' during the planned network outage. (ugh)

Any ideas on ways to harden the os on these things? Is there a read only file system option or something?
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp



More information about the juniper-nsp mailing list