Changing the port really isn't useful. Against automated systems just
scanning, sure. If someone wants in, they'll find it.
Morgan
On Thu, Apr 5, 2012 at 4:08 PM, Tim Hogard wrote:
> >
> > On Thu, Apr 5, 2012 at 3:09 PM, Harri Makela
> wrote:
> > > Hi Guys
> > >
> > > We are getting "SSH_Brute
>
> On Thu, Apr 5, 2012 at 3:09 PM, Harri Makela wrote:
> > Hi Guys
> >
> > We are getting "SSH_Brute_Force" alerts quite often from our Intrusion
> > prevention systems (IPS) - ISS GX.
> >
...
> >
> > change SSH port? system wide from 22 to 10022 ?
I'm guessing your inside hosts are getting hit
Changing to a non-standard port is a start.
You should also look at why SSH is available globally? Locking it down seems
like an obvious solution to me.
Lastly, I know there are some IPS systems which have mitigation options
built-in. It's not much more than a script that logs into your gear
Hi Jonathan
Thanks for the advice.
I`l go through the JunOS configuration and make sure that relevant
configuration/filters are being applied.
once I`ll make the process after some more research, I`ll share it with you.
The process that I have to write is more to do define the alerts severity
On Thu, Apr 5, 2012 at 3:09 PM, Harri Makela wrote:
> Hi Guys
>
> We are getting "SSH_Brute_Force" alerts quite often from our Intrusion
> prevention systems (IPS) - ISS GX.
>
> Issue Description: We have detected SSH_Brute_Force events sourcing from
> external IP x.x.x.x targeting multiple inte
Why is SSH exposed from the internet to begin with? Generally not a great
idea. Otherwise, changing from standard port just makes everything more
difficult when dealing with protocols that run over SSH.
These brute force events are usually just bots scanning for insecure
servers, they don't really
Hi Guys
We are getting "SSH_Brute_Force" alerts quite often from our Intrusion
prevention systems (IPS) - ISS GX.
Issue Description: We have detected SSH_Brute_Force events sourcing from
external IP x.x.x.x targeting multiple internal IPs. This is probably an
attempt to gain access to
"show route forwarding-table family vpls"
Mac-table command is not supported on SRX.
Jensen Tyler
Sr Engineering Manager
Fiberutilities Group, LLC
(319) 297-6915 (office) *NEW
(319) 364-8100 (fax)
(319) 329-8578 (mobile)
-Original Message-
From: juniper-nsp-boun...@puck.nether.net
[mai
thx man. it works.
--
Best Regards,
Bruno
-- Original --
From: "Jensen Tyler";
Date: Thu, Apr 5, 2012 11:20 PM
To: "bruno";
"juniper-nsp";
Subject: RE: [j-nsp] vpls mac table problem
"show route forwarding-table family vpls"
Ma
hi expert,
i am test vpls on srx device. everything is good. ce can ping each other. but
when i issue the command run show vpls mac-table on pe. i got nothing . i am
running the latest junos os . is there any bug there or what i am missing?
[edit]
root@R1# run show vpls statistics
VPLS stat
10 matches
Mail list logo