Looks like you could block port 22 to all of those devices. Then perhaps you can allow 22 from one management device and use that as a hop to get into the Junipers.
Just a thought. On Thu, Jan 7, 2010 at 9:34 AM, Justin Credible <mista.justin.credi...@gmail.com> wrote: > Hi There, > > We have OpenBSD routers running OpenBGPD at the edge of our network > and behind that we use Juniper Firewalls running JunOS which need to > be patched due to: > http://ptresearch.blogspot.com/2010/01/juniper-junos-remote-kernel-crash-flaw.html > > Since we have so many Junipers it will take a while to patch them and > will be faster for us to add some mitigating rules on the OpenBSD > routers, I am wondering if anyone knows of a quick and simple rule > that we can Implement on OpenBSD to combat this issue? > > Thanks and regards, > > Justin