Re: [j-nsp] Firewall best practices

2012-06-11 Thread Tim Hogard
> Hi everyone,
>
> I have a question regarding managing policies among multiple sets of
> firewalls. I don't know what industry standard / best practice is for
> managing rules among multiple devices.

There isn't one. Take the Trust/DMZ/Untrust which is documented as "best practice" but wasn't

Re: [j-nsp] SSH_Brute_Force events

2012-04-05 Thread Tim Hogard
> On Thu, Apr 5, 2012 at 3:09 PM, Harri Makela wrote:
> > Hi Guys
> >
> > We are getting "SSH_Brute_Force" alerts quite often from our Intrusion
> > prevention systems (IPS) - ISS GX.
> > ...
> >
> > change SSH port? system wide from 22 to 10022 ?

I'm guessing your inside hosts are getting hit

Re: [j-nsp] Changing SSH port on EX switches, M routers

2011-04-03 Thread Tim Hogard
> > Date: Sun, 03 Apr 2011 13:12:54 -0700
> > From: Joel Jaeggli
> > Sender: juniper-nsp-boun...@puck.nether.net
> >
> > the normal approach is to have the control plane policing policy limit
> > where you can ssh from rather than obfuscating the port number. From my
> > vantage point the abil

Re: [j-nsp] Opinion about stateful firewall : SSG or ASM

2007-09-03 Thread Tim Hogard
As a semi-related question, can anyone recommend a good mailing list for the netscreen/ssg routers? Is general ssg/netscreen discussion on topic for this list or is there a better list for netscreen for the office (vs for the ISP)? I currently have a pair of ssg-140 and I'm only about a 1/4 of