Juniper SRX: Denial of Service (Dos) Attack Mitigation

Uploaded by

WaqasMirza

0% found this document useful (0 votes)

15 views14 pages

408006476-Screen-Options-DoS-Prevention-SRX

Original Title

408006476-Screen-Options-DoS-Prevention-SRX

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

408006476-Screen-Options-DoS-Prevention-SRX

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

0% found this document useful (0 votes)

15 views14 pages

Juniper SRX: Denial of Service (Dos) Attack Mitigation

Uploaded by

WaqasMirza

408006476-Screen-Options-DoS-Prevention-SRX

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

Jump to Page

You are on page 1of 14

Search inside document

Juniper SRX

Denial of Service (DoS) Attack Mitigation

Son Vu Truong
Agenda
• Network Attack

• Screen Options

• Demonstration
Network Attack
State of an Attack
• Reconnaissance
- IP address sweep
- Port scanning
- IP options
- OS probes

• Attack

• Further invasion
Denial-of-Service Attack
• Exploit-based DoS
exploits a particular
software vulnerability to
create a system or
service outage

• Flood-based DoS
overwhelms the victim
system with valid traffic
leaving the victim
system unavailable
Screen Options
JUNOS Flow Module
• First step in the flow
process.

• Layer 3 and Layer 4

attacks.

• Processed at a line
rate

• Simple and built-in

Screens Types
• Packet-based: packet-by-packet in a stateless fashion
- tcp syn-fin
- tcp fin-no-ack
- tcp tcp-no-flag
- ip spoofing

• Threshold-based: semi-stateful fashion

- icmp flood
- icmp ip-sweep
- udp flood
- tcp port-scan
State of an Attack
• Reconnaissance
- IP address sweep
- Port scanning
- IP options
- OS probes

• Attack

• Further invasion
State of an Attack
• Reconnaissance
- IP address sweep
- Port scanning
State of an Attack
• Reconnaissance
- IP options
State of an Attack
• Reconnaissance
- OS probes

 syn-fin
 fin-no-ack
 tcp-no-flag
Denial-of-Service Attack
• ip-spoofing
• limit-session
• syn-ack-ack
• tcp land
• syn-flood
THANK YOU

F5 Network
Document588 pages
F5 Network
Son Vu Truong
67% (6)
CCNA Security Top 50 Interview Questions and Answers Volume 1.0
Document22 pages
CCNA Security Top 50 Interview Questions and Answers Volume 1.0
Son Vu Truong
No ratings yet
Attacchi all'IPv6
Document48 pages
Attacchi all'IPv6
Luca Sponta
No ratings yet
Materi 6 Vulnerability Assessment - V
Document42 pages
Materi 6 Vulnerability Assessment - V
Neny Jun
No ratings yet
Network Attacks and Mitigation
Document54 pages
Network Attacks and Mitigation
periutza
No ratings yet
Computer Security and Penetration Testing: Scanning Tools
Document37 pages
Computer Security and Penetration Testing: Scanning Tools
Osei Sylvester
No ratings yet
Wireless Security Tutorial TFA, Rice Elec 438: Tara Hong Joel Khan Prabhu Metgud
Document24 pages
Wireless Security Tutorial TFA, Rice Elec 438: Tara Hong Joel Khan Prabhu Metgud
Suvir Singh
No ratings yet
CEH Lesson 4 - Snipping, Session Hijacking, and DoS
Document25 pages
CEH Lesson 4 - Snipping, Session Hijacking, and DoS
Louise Real
No ratings yet
Certified Penetration Testing Professional CPTP
Document12 pages
Certified Penetration Testing Professional CPTP
lasaus
No ratings yet
CIS Lecture 5
Document64 pages
CIS Lecture 5
Bilal Rasool
No ratings yet
Cisco Router Forensics: Director, Southeast Cybercrime Institute Kennesaw State University Blackhat Briefings, Usa, 2002
Document23 pages
Cisco Router Forensics: Director, Southeast Cybercrime Institute Kennesaw State University Blackhat Briefings, Usa, 2002
Krypton
No ratings yet
Lecture05Enumeration EH
Document36 pages
Lecture05Enumeration EH
irfan Nazir
No ratings yet
CH 02
Document8 pages
CH 02
andrewiles88
No ratings yet
Network Security
Document26 pages
Network Security
Preetesh Shetty
No ratings yet
Introduction To Network Security: Guest Lecture Debabrata Dash
Document47 pages
Introduction To Network Security: Guest Lecture Debabrata Dash
Ankit Rohatgi
No ratings yet
PT CH 3 Active Reconnaissance Ready
Document114 pages
PT CH 3 Active Reconnaissance Ready
krishnareddy70084
No ratings yet
Implementing Secure Converged Wide Area Networks (ISCW)
Document8 pages
Implementing Secure Converged Wide Area Networks (ISCW)
Hebert Molina
No ratings yet
Computer Security and Penetration Testing: Scanning Tools
Document141 pages
Computer Security and Penetration Testing: Scanning Tools
Ethan Fernandez
No ratings yet
Black Hat 2006 Therm Optic Exploit
Document61 pages
Black Hat 2006 Therm Optic Exploit
SpyDr ByTe
No ratings yet
Network and Information Security Course 6
Document174 pages
Network and Information Security Course 6
Ahmad Alhamed
No ratings yet
Ch. 2
Document48 pages
Ch. 2
disneyhotstar3333
No ratings yet
Cyber Security: Chintan - Patel@marwadieducation - Edu.in
Document21 pages
Cyber Security: Chintan - Patel@marwadieducation - Edu.in
Priyanka Doshi
No ratings yet
Cyber Security: Prof. Chintan Patel Chintan - Patel@marwadieducation - Edu.in
Document44 pages
Cyber Security: Prof. Chintan Patel Chintan - Patel@marwadieducation - Edu.in
Priyanka Doshi
No ratings yet
CCNP Security - SENSS Simple Network Management Protocol
Document15 pages
CCNP Security - SENSS Simple Network Management Protocol
Luis Gonzalez
No ratings yet
Scanning Networks
Document36 pages
Scanning Networks
jaya prasanna
100% (2)
Slide-Worm Part 1
Document39 pages
Slide-Worm Part 1
Nhật Huy
No ratings yet
Network Reconnaissance: Anup Sahu 3 Year Comp Science
Document9 pages
Network Reconnaissance: Anup Sahu 3 Year Comp Science
Anup Sahu
No ratings yet
Computer Security and Penetration Testing: Denial-of-Service Attacks
Document47 pages
Computer Security and Penetration Testing: Denial-of-Service Attacks
Osei Sylvester
No ratings yet
Computer Security and Penetration Testing: Sniffers
Document65 pages
Computer Security and Penetration Testing: Sniffers
Osei Sylvester
No ratings yet
An Toàn L P 4: Tcp/Ip Attacks: Nguyen Hong Son Ptithcm
Document37 pages
An Toàn L P 4: Tcp/Ip Attacks: Nguyen Hong Son Ptithcm
Bui Hong My
No ratings yet
Slides 04
Document30 pages
Slides 04
vilayilvaishnav
No ratings yet
Network Security
Document60 pages
Network Security
Dheeraj
No ratings yet
Nymble:: Blocking Misbehaving Users in Anonymizing Networks
Document10 pages
Nymble:: Blocking Misbehaving Users in Anonymizing Networks
chaithra580
No ratings yet
Honeypot PDF
Document50 pages
Honeypot PDF
krishnathefriend
No ratings yet
Introduction To Network Security: Guest Lecture Debabrata Dash
Document47 pages
Introduction To Network Security: Guest Lecture Debabrata Dash
Digvijay Singh
No ratings yet
Unit - 4 Remaining Topics
Document87 pages
Unit - 4 Remaining Topics
Nivedhitha
No ratings yet
IEATC SCv3.Day.02.Part.02.Layer.2.Security - and.IOS - Aaa.1.00
Document6 pages
IEATC SCv3.Day.02.Part.02.Layer.2.Security - and.IOS - Aaa.1.00
Bruno Nunes
No ratings yet
Attack and Penetration
Document44 pages
Attack and Penetration
Achmad Hidayat
100% (1)
Nmap 101
Document25 pages
Nmap 101
Erpan Erpan
No ratings yet
CS 640: Introduction To Computer Networks: Aditya Akella Lecture 25 - Network Security
Document39 pages
CS 640: Introduction To Computer Networks: Aditya Akella Lecture 25 - Network Security
Xozan
No ratings yet
Syslog - SNMP - NTP - DNS - QoS - CCNA
Document51 pages
Syslog - SNMP - NTP - DNS - QoS - CCNA
blue.jupiter9x154
No ratings yet
CH 11
Document47 pages
CH 11
Enock Darkoh
No ratings yet
Ch.14 Network Threats and Mitigation
Document32 pages
Ch.14 Network Threats and Mitigation
victorbittar29
No ratings yet
Network Security Part 1
Document85 pages
Network Security Part 1
amolmh
No ratings yet
Methodology Footprinting&Scanning
Document55 pages
Methodology Footprinting&Scanning
Adithya Milavar
No ratings yet
Foot Printing
Document21 pages
Foot Printing
mwesigwaa
No ratings yet
Name: Pradeep Gupta Roll No: 112 Div: A
Document3 pages
Name: Pradeep Gupta Roll No: 112 Div: A
Pradeep Gupta
No ratings yet
Ethical Hacking: Enumeration
Document37 pages
Ethical Hacking: Enumeration
jaya prasanna
No ratings yet
Network Security Architecture: Dr. Jasim Saeed
Document47 pages
Network Security Architecture: Dr. Jasim Saeed
Sameer Sohail
No ratings yet
Hacking Methodology Lab 1
Document63 pages
Hacking Methodology Lab 1
api-3747124
No ratings yet
Tut Pres Alvaran Securing Edge Network Devices
Document25 pages
Tut Pres Alvaran Securing Edge Network Devices
m117970
No ratings yet
Stealth Probing: Efficient Data-Plane Security For IP Routing
Document30 pages
Stealth Probing: Efficient Data-Plane Security For IP Routing
Hema latha
No ratings yet
Phase 2
Document39 pages
Phase 2
Tarik Ameziane
No ratings yet
SCTP Protocol
Document18 pages
SCTP Protocol
Ashish Gupta
No ratings yet
07 - Scanning
Document16 pages
07 - Scanning
yeni nyimpen data
No ratings yet
Computer Security and Penetration Testing: Spoofing
Document44 pages
Computer Security and Penetration Testing: Spoofing
Osei Sylvester
No ratings yet
Security+ Notes Alan Raff
Document6 pages
Security+ Notes Alan Raff
Pala
No ratings yet
A Practical Guide Wireshark Forensics
From Everand
A Practical Guide Wireshark Forensics
alasdair gilchrist
Rating: 5 out of 5 stars
5/5 (4)
Web Penetration Testing with Kali Linux - Second Edition
From Everand
Web Penetration Testing with Kali Linux - Second Edition
Ansari Juned Ahmed
No ratings yet
Hack into your Friends Computer
From Everand
Hack into your Friends Computer
Magelan Cyber Security
No ratings yet
Basic Linux Terminal Tips and Tricks: Learn to Work Quickly on the Command Line
From Everand
Basic Linux Terminal Tips and Tricks: Learn to Work Quickly on the Command Line
Philip Kirkbride
No ratings yet
Advanced Penetration Testing for Highly-Secured Environments - Second Edition
From Everand
Advanced Penetration Testing for Highly-Secured Environments - Second Edition
Lee Allen
No ratings yet
Riverbed Deployment
Document92 pages
Riverbed Deployment
Son Vu Truong
No ratings yet
Riverbed Deployment
Document92 pages
Riverbed Deployment
Son Vu Truong
No ratings yet
Nexus VPN l3vpn Configuration Guide
Document60 pages
Nexus VPN l3vpn Configuration Guide
Son Vu Truong
No ratings yet
L2vpn l2 Vfi
Document1 page
L2vpn l2 Vfi
Son Vu Truong
No ratings yet
Juniper MPLS and VPNs PDF
Document382 pages
Juniper MPLS and VPNs PDF
Son Vu Truong
No ratings yet
Patch Installation Guide Huawei Hardware
Document23 pages
Patch Installation Guide Huawei Hardware
Son Vu Truong
No ratings yet
Emergency Hardware Maintenance (V600R001C00 03)
Document87 pages
Emergency Hardware Maintenance (V600R001C00 03)
Son Vu Truong
No ratings yet
MPLS VPNL3
Document14 pages
MPLS VPNL3
Son Vu Truong
No ratings yet
Multilevel Is-Is Networks
Document16 pages
Multilevel Is-Is Networks
Son Vu Truong
No ratings yet
OSPF Case Studies
Document37 pages
OSPF Case Studies
Son Vu Truong
No ratings yet
Isis
Document57 pages
Isis
Son Vu Truong
No ratings yet
Ospf Areas
Document27 pages
Ospf Areas
Son Vu Truong
No ratings yet
Advanced ISIS Operations
Document36 pages
Advanced ISIS Operations
Son Vu Truong
No ratings yet
BGP
Document51 pages
BGP
Son Vu Truong
No ratings yet
Method - Expanding Opportunities For Online Shoppers With Disabilities
Document7 pages
Method - Expanding Opportunities For Online Shoppers With Disabilities
Son Vu Truong
No ratings yet
AWS s3 DG
Document749 pages
AWS s3 DG
Son Vu Truong
No ratings yet