[j-nsp] Decoding DDOS messages

Saku Ytti saku at ytti.fi
Wed Mar 18 12:19:10 EDT 2020


This wasn't the only problem; there are many issues, and that's normal. I've
not read a single lo0 filter in a real network which isn't fundamentally
broken. Trying to tactically address the problems is a waste of time
when a redesign is needed.

On Wed, 18 Mar 2020 at 18:18, Saku Ytti <saku at ytti.fi> wrote:
>
> I'm your BGP speaker.
>
> I set SPORT to 179
> I access your SSH port
>
> On Wed, 18 Mar 2020 at 18:16, John Kristoff <jtk at depaul.edu> wrote:
> >
> > On Wed, 18 Mar 2020 16:02:09 +0000
> > Saku Ytti <saku at ytti.fi> wrote:
> >
> > > It is completely broken, you use 'port' so you expose every port in your system.
> >
> > Ha, OK thanks.  I think that would require some not so easy spoofing
> > unless I'm missing something.  We can convert any statement that just
> > uses port to directional, which I think will require additional rules
> > to tighten it up.  Feel free to submit example configs.
> >
> > John
>
>
>
> --
>   ++ytti



-- 
  ++ytti
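The `port` defect under discussion, written out as a Junos lo0 filter fragment alongside a directional rewrite. This is an added illustration, not a config from the thread; the filter and term names, the BGP peer 192.0.2.1 and the management prefix 203.0.113.0/24 are made-up values.

```junos
/* Weak term: 'port' matches either the source OR the destination port,
   so a packet with source port 179 and destination port 22 is accepted. */
firewall {
    family inet {
        filter lo0-weak {
            term bgp {
                from {
                    protocol tcp;
                    port 179;
                }
                then accept;
            }
        }
        /* Directional rewrite (hypothetical addresses): each term states
           the direction, the peers allowed to match it, and nothing else. */
        filter lo0-directional {
            term bgp-inbound-session {
                from {
                    source-address { 192.0.2.1/32; }
                    protocol tcp;
                    destination-port 179;
                }
                then accept;
            }
            term bgp-outbound-session {
                from {
                    source-address { 192.0.2.1/32; }
                    protocol tcp;
                    source-port 179;
                    tcp-established;
                }
                then accept;
            }
            term ssh-mgmt {
                from {
                    source-address { 203.0.113.0/24; }
                    protocol tcp;
                    destination-port 22;
                }
                then accept;
            }
            term default {
                then discard;
            }
        }
    }
}
```

The direction keywords alone are not enough: a bare `source-port 179` term would still admit any host that sets that source port, which is why each term above is also tied to a source-address.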