Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

11-25-03 DDoS Juniper Filter

  • From: Phil Rosenthal
  • Date: Sat Jan 25 08:40:45 2003

We have installed the following on all network ingress/egress points,
and have found it to filter the packets in question very effectively:

> show configuration firewall filter filter-012503
term deny-dos {
    from {
        packet-length 404;
        protocol udp;
        destination-port 1434;
    }
    then {
        count codered-4;
        discard;
    }
}
term allow-rest {
    then accept;
}

--Phil
ISPrime





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.