[55096] in North American Network Operators' Group
11-25-03 DDoS Juniper Filter
daemon@ATHENA.MIT.EDU (Phil Rosenthal)
Sat Jan 25 08:39:07 2003
Reply-To: <pr@isprime.com>
From: "Phil Rosenthal" <pr@isprime.com>
To: <nanog@merit.edu>
Date: Sat, 25 Jan 2003 03:17:39 -0500
Errors-To: owner-nanog-outgoing@merit.edu

We have installed the following on all network ingress/egress points,
and have found it to filter the packets in question very effectively:

> show configuration firewall filter filter-012503
term deny-dos {
    from {
        packet-length 404;
        protocol udp;
        destination-port 1434;
    }
    then {
        count codered-4;
        discard;
    }
}
term allow-rest {
    then accept;
}

--Phil
ISPrime
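
An added example, not part of the original post: a small Python model of the filter's two terms, useful for checking which packets in a capture the deny-dos term would discard and which fall through to allow-rest. It assumes packet-length is compared against the IPv4 total length (header included) and that non-first fragments carry no port to match; the function names, sample packets and documentation-range addresses are constructed for illustration.

```python
import struct

# Match conditions copied from the deny-dos term of the posted filter.
PACKET_LENGTH, PROTO_UDP, DEST_PORT = 404, 17, 1434


def build_ipv4_udp(dport, payload_len, options=b""):
    """Build a constructed IPv4/UDP packet (checksums left at zero)."""
    ihl = 5 + len(options) // 4
    total = ihl * 4 + 8 + payload_len
    ip = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, total, 0, 0, 64,
                     PROTO_UDP, 0, bytes([192, 0, 2, 1]),
                     bytes([198, 51, 100, 7]))
    udp = struct.pack("!HHHH", 40000, dport, 8 + payload_len, 0)
    return ip + options + udp + b"\x00" * payload_len


def filter_action(packet):
    """Return 'discard' or 'accept' as the two terms would for this packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "accept"                  # not IPv4: nothing in deny-dos matches
    ihl = (packet[0] & 0x0F) * 4         # header length varies with IP options
    total_len = struct.unpack_from("!H", packet, 2)[0]
    frag_offset = struct.unpack_from("!H", packet, 6)[0] & 0x1FFF
    if packet[9] != PROTO_UDP or total_len != PACKET_LENGTH:
        return "accept"
    if frag_offset != 0 or len(packet) < ihl + 4:
        return "accept"                  # assumption: no UDP header, no port match
    dport = struct.unpack_from("!H", packet, ihl + 2)[0]
    return "discard" if dport == DEST_PORT else "accept"


# Constructed sample packets; payload sizes chosen to hit or miss 404 bytes.
SAMPLES = {
    "udp1434_len404": build_ipv4_udp(1434, 376),
    "udp1434_short": build_ipv4_udp(1434, 1),
    "udp53_len404": build_ipv4_udp(53, 376),
    "udp1434_len404_ipopts": build_ipv4_udp(1434, 372, options=b"\x01" * 4),
    "udp1434_len408_ipopts": build_ipv4_udp(1434, 376, options=b"\x01" * 4),
}


def classify_samples():
    """Map each sample name to the action the filter model takes."""
    return {name: filter_action(pkt) for name, pkt in SAMPLES.items()}


if __name__ == "__main__":
    for name, action in classify_samples().items():
        print(f"{name:24s} {action}")
```

Only packets that meet all three conditions are discarded, so other traffic to UDP port 1434 with a different length still reaches allow-rest.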