North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
11-25-03 DDoS Juniper Filter
- From: Phil Rosenthal
- Date: Sat Jan 25 08:40:45 2003
We have installed the following on all network ingress/egress points,
and have found it to filter the packets in question very effectively:
> show configuration firewall filter filter-012503
term deny-dos {
from {
packet-length 404;
protocol udp;
destination-port 1434;
}
then {
count codered-4;
discard;
}
}
term allow-rest {
then accept;
}
--Phil
ISPrime
|
