[j-nsp] SRX3600 Problem
Phil Mayers
p.mayers at imperial.ac.uk
Wed Apr 22 06:50:54 EDT 2015
On 21/04/15 17:22, Cahit Eyigünlü wrote:
> We are getting a spoofed ip syn attack. When attack starts and over
> 100K pps our SRX3600 was losting the connection. And we check the
> status of the device over the Serial connection. But we could not
> determine why it has been dropped the connection
What is "the connection" here? I don't understand your problem.
If you don't have "screen" protections enabled then yes, 100kpps of
spoofed syn will knock the box over.
See for example:
http://www.juniper.net/documentation/en_US/junos12.1/topics/concept/denial-of-service-network-syn-cookie-protection-understanding.html
More information about the juniper-nsp
mailing list