Hello Guys,
quick questions , AFAIK, there was some kind security alert issued long time
ago dont remember exactly when , but we were told that to use below
configuration in RE filter to protect the RE resources...i like to know if it
is still valid threat and if somebody can shed some light why it is important
to have it in filter?
term first-icmp-frag {
from {
first-fragment;
protocol icmp;
}
then {
count icmp-fragment-discards;
log
discard;
}
}
term next-icmp-frag {
from {
is-fragment;
protocol icmp;
}
then {
count icmp-fragment-discards;
log
-----Original Message-----
From: sthaug <sth...@nethelp.no>
To: tmikolajek <tmikola...@gmail.com>
Cc: juniper-nsp <juniper-nsp@puck.nether.net>
Sent: Thu, Nov 27, 2014 1:51 am
Subject: Re: [j-nsp] Protect-re
> http://www.juniper.net/us/en/training/jnbooks/day-one/fundamentals-series/securing-routing-engine/
Also worth looking at: http://www.team-cymru.org/ReadingRoom/Templates/
Steinar Haug, Nethelp consulting, sth...@nethelp.no
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
