[j-nsp] Decoding DDOS messages
John Kristoff
jtk at depaul.edu
Wed Mar 18 11:01:24 EDT 2020
On Wed, 18 Mar 2020 14:39:19 +0000
Saku Ytti <saku at ytti.fi> wrote:
> Unfortunately even non-broken lo0 filter is extremely uncommon, even
> MX book has fundamentally broken example, as is CYMRU example.
Team Cymru only lists a Cisco BGP, general NTP (which includes a
Juniper example), and Juniper IP multicast template publicly now:
<https://www.team-cymru.com/templates.html>
If you are referring to one of those, there is an email right on the
page to contact them and you should if there are mistakes and
improvements. They will welcome input. I edited the NTP template and
helped facilitate the IP multicast one Lenny did, so if there is a
problem with either of those I'd be interested to know about it, but I
am no longer an employee of Team Cymru so I can't fix them.
The other templates, including a generic Juniper template you can
find via a net search, but not through Team Cymru's website navigation,
are many years old and no longer maintained. It would be unwise to
trust or relay on those.
I have some example templates for more recent stuff work I've done, but
does not cover currently this thread's case and may be less
generically applicable. They are probably also not perfect, but people
are welcome to submit an issue there and I'll do my best to keep them
maintained:
<https://github.com/jtkristoff/junos>
John
More information about the juniper-nsp
mailing list