[j-nsp] Using IDP/AppFW on SRX for preventing DNSSEC Amplification Attacks
Thomas Eichhorn
te at te3networks.de
Fri Sep 14 04:05:57 EDT 2012
Dear all,

as I believe most of us have encountered some DNS (DNSSEC)
amplification attacks, I wonder if any of you had some success
in stopping these using an SRX device.

My current approach would be to write an IDP signature which detects
"ANY" requests on UDP and just throw them away - but this is surely
not the most elegant solution.

Does anyone have some other ideas or maybe even solutions? I have seen
some implementations on the DNS-server side - but as always, if there is
some closed source server behind, you need to find another way.

Thanks,
Tom
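
The match described in the message above (a DNS query over UDP whose question asks for type ANY), written out as an added example that is not part of the original post and is not Junos IDP syntax. It shows where the field sits on the wire: QTYPE is the two bytes after the QNAME terminator, value 255 per RFC 1035. The function names, the "drop"/"pass" strings and the sample packets are assumptions made for this example.

```python
import struct

QTYPE_ANY = 255  # RFC 1035 QTYPE "*", commonly called ANY

def build_query(name, qtype, txid=0x1234):
    """Construct a minimal DNS query (constructed sample input for this example)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    labels = [l for l in name.rstrip(".").split(".") if l]
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QCLASS=IN

def question_types(payload):
    """Return the QTYPEs of a DNS query, or None if it is not a well-formed query."""
    if len(payload) < 12:
        return None
    _, flags, qdcount, _, _, _ = struct.unpack("!HHHHHH", payload[:12])
    if flags & 0x8000 or (flags >> 11) & 0xF:  # QR=1 (response) or opcode != QUERY
        return None
    off, types = 12, []
    for _ in range(qdcount):
        while True:  # walk the QNAME labels up to the zero-length root label
            if off >= len(payload):
                return None
            length = payload[off]
            off += 1
            if length == 0:
                break
            if length > 63:  # pointer/reserved bits: treated as malformed here (assumption)
                return None
            off += length
        if off + 4 > len(payload):  # QTYPE + QCLASS must follow the name
            return None
        qtype, _qclass = struct.unpack("!HH", payload[off:off + 4])
        types.append(qtype)
        off += 4
    return types

def verdict(payload):
    """'drop' for a UDP DNS query asking for ANY, 'pass' for everything else."""
    types = question_types(payload)
    if types is None:
        return "pass"  # unparseable or not a query: left to other policy (assumption)
    return "drop" if QTYPE_ANY in types else "pass"
```
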