Re: [j-nsp] Power adapter spec for AX411?

2014-01-13 Thread ashish verma
btw it seems ax411 will be EOL soon.. On Sun, Jan 12, 2014 at 9:51 PM, Mark Menzies m...@deimark.net wrote: Same here. POE is the way to go. Mark Menzies sent via mobile device, please excuse errors On 12 Jan 2014 02:14, OBrien, Will obri...@missouri.edu wrote: I just used PoE. You can

Re: [j-nsp] Power adapter spec for AX411?

2014-01-13 Thread Maarten van der Hoek
Officially they are already http://www.juniper.net/us/en/products-services/end-of-sale/ax411/ Brgds, Maarten -Original message- From: juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] On behalf of ashish verma Sent: Monday 13 January 2014 13:14 To: Mark Menzies CC:

[j-nsp] NTP Reflection

2014-01-13 Thread Richard A Steenbergen
Dear Juniper, Please tell me you didn't actually do this. Please tell me that I'm just missing something, and that you would never do something so insane. Did you guys REALLY ship code that automatically enables an NTP server that responds to the world, with no authentication or options to

Re: [j-nsp] NTP Reflection

2014-01-13 Thread Chuck Anderson
On Mon, Jan 13, 2014 at 03:25:19PM -0600, Richard A Steenbergen wrote: And then start making sure UDP/123 is blocked in your lo0 firewall filters. Shouldn't this be SOP anyway?

Re: [j-nsp] NTP Reflection

2014-01-13 Thread Jared Mauch
On Jan 13, 2014, at 4:25 PM, Richard A Steenbergen r...@e-gerbil.net wrote: Dear Juniper, Please tell me you didn't actually do this. Please tell me that I'm just missing something, and that you would never do something so insane. Did you guys REALLY ship code that automatically enables

Re: [j-nsp] NTP Reflection

2014-01-13 Thread Jared Mauch
On Jan 13, 2014, at 5:03 PM, Chuck Anderson c...@wpi.edu wrote: Shouldn't this be SOP anyway? In the past many ISPs provided time to customers from the router hardware. The difference I’ve seen here is regarding the speed that devices will respond. The Juniper devices have a faster

[j-nsp] Thoroughly confused about matching forwarding class in firewall filters

2014-01-13 Thread John Neiberger
I'm trying to troubleshoot a one-way audio problem and I'm very confused. The traffic is marked as EF but it's not making it to the destination. The egress interface has a firewall filter that at first glance appears to permit all EF: term permit-fec-ef { from { forwarding-class

Re: [j-nsp] NTP Reflection

2014-01-13 Thread Chris Adams
Once upon a time, Richard A Steenbergen r...@e-gerbil.net said: Please tell me you didn't actually do this. Please tell me that I'm just missing something, and that you would never do something so insane. Did you guys REALLY ship code that automatically enables an NTP server that responds to

Re: [j-nsp] NTP Reflection

2014-01-13 Thread Paul S.
On 1/14/2014 07:14 AM, Jared Mauch wrote: On Jan 13, 2014, at 5:03 PM, Chuck Anderson c...@wpi.edu wrote: Shouldn't this be SOP anyway? In the past many ISPs provided time to customers from the router hardware. The difference I’ve seen here is regarding the speed that devices will respond.

Re: [j-nsp] NTP Reflection

2014-01-13 Thread ML
On 1/13/2014 4:25 PM, Richard A Steenbergen wrote: Dear Juniper, Please tell me you didn't actually do this. Please tell me that I'm just missing something, and that you would never do something so insane. Did you guys REALLY ship code that automatically enables an NTP server that responds to

Re: [j-nsp] NTP Reflection

2014-01-13 Thread John Kristoff
On Mon, 13 Jan 2014 20:47:08 -0500 ML m...@kenweb.org wrote: Juniper didn't want to be outdone by Cisco. Cisco devices act the same way once they are configured as NTP clients. IOS devices, at least those with which I'm familiar, don't implement the full specification that includes mode 6/7

Re: [j-nsp] NTP Reflection

2014-01-13 Thread Mark Tees
Oh oh, someone's listening. Just received: JSA10613 <http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10613&actp=SUBSCRIPTION> Mitigation of NTP amplification attacks involving Junos. Can we get detailed lo0 filters listed too please? On Tue, Jan 14, 2014 at 9:53 AM, Mark Tees

Re: [j-nsp] NTP Reflection

2014-01-13 Thread John Kristoff
On Tue, 14 Jan 2014 12:38:12 +1100 Mark Tees markt...@gmail.com wrote: Can we get detailed lo0 filters listed too please? Hi Mark, While I'll defer to Juniper for their recommendations, we've had this for some time (scroll down to the Juniper section):

Re: [j-nsp] NTP Reflection

2014-01-13 Thread Mark Tees
Thanks John, I should have been more specific about what I meant. Just filtering for NTP traffic in a firewall filter is fine and easy. What I was referring to was a detailed ACL/Filter for lo0 that only allows traffic for enabled services on the routing engine. For example if Juniper posted a

Re: [j-nsp] NTP Reflection

2014-01-13 Thread Dobbins, Roland
On Jan 14, 2014, at 9:31 AM, Mark Tees markt...@gmail.com wrote: Not Oh, NTP attacks are the flavour of the day! We better post a security KB article about it. If one has implemented iACLs at the edges of one's network, wouldn't this by default shield the ntp service on the router from

Re: [j-nsp] NTP Reflection

2014-01-13 Thread Mark Tees
I hope I am wrong here but the only place I have seen a decent example of an accurate and secure lo0 firewall filter was in the Juniper MX series book? On Tue, Jan 14, 2014 at 9:44 AM, Paul S. cont...@winterei.se wrote: On 1/14/2014 07:14 AM, Jared Mauch wrote: On Jan 13, 2014, at 5:03 PM,

Re: [j-nsp] NTP Reflection

2014-01-13 Thread Mark Tees
Of course. I don't know if that means you should negate a decent local filter on a box. On Tue, Jan 14, 2014 at 1:51 PM, Dobbins, Roland rdobb...@arbor.net wrote: On Jan 14, 2014, at 9:31 AM, Mark Tees markt...@gmail.com wrote: Not Oh, NTP attacks are the flavour of the day! We better

Re: [j-nsp] NTP Reflection

2014-01-13 Thread Ben Dale
On 14 Jan 2014, at 12:31 pm, Mark Tees markt...@gmail.com wrote: What I was referring to was a detailed ACL/Filter for lo0 that only allows traffic for enabled services on the routing engine. For example if Juniper posted a firewall filter template with all the possible services customers

Re: [j-nsp] NTP Reflection

2014-01-13 Thread Mark Tees
Thanks Ben, I will review those links. I have the MX book and have read a decent portion of it. That's what I was referring to. A quick glance shows some similar examples as to what was in the MX book. Same author so it makes sense. On Tue, Jan 14, 2014 at 2:52 PM, Ben Dale bd...@comlinx.com.au