Juniper SRX: Denial of Service (DoS) Attack Mitigation
Son Vu Truong
Agenda
• Network Attack
• Screen Options
• Demonstration
Network Attack
State of an Attack
• Reconnaissance
- IP address sweep
- Port scanning
- IP options
- OS probes
• Attack
• Further invasion
Denial-of-Service Attack
• Exploit-based DoS: exploits a particular software vulnerability to create a system or service outage
• Flood-based DoS: overwhelms the victim system with valid traffic, leaving the victim system unavailable
Screen Options
JUNOS Flow Module
• First step in the flow process
• Processed at line rate
State of an Attack
• Reconnaissance
- IP address sweep
- Port scanning
• Attack
• Further invasion
State of an Attack
• Reconnaissance
- IP options
State of an Attack
• Reconnaissance
- OS probes
syn-fin
fin-no-ack
tcp-no-flag
Denial-of-Service Attack
• ip-spoofing
• limit-session
• syn-ack-ack
• tcp land
• syn-flood
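As an added example (not from the original slides), the Python sketch below audits a Junos `set`-format configuration for the screen options the slides name and checks that the screen profile is actually bound to a zone. The profile name `untrust-screen`, the thresholds and the sample configuration are constructed for illustration; the IP option screens are not checked.

```python
import re
# Screen options named on the slides -> Junos statement under "ids-option <profile>".
REQUIRED = {
    "IP address sweep": "icmp ip-sweep", "Port scanning": "tcp port-scan",
    "syn-fin": "tcp syn-fin", "fin-no-ack": "tcp fin-no-ack",
    "tcp-no-flag": "tcp tcp-no-flag", "ip-spoofing": "ip spoofing",
    "limit-session": "limit-session", "syn-ack-ack": "tcp syn-ack-ack-proxy",
    "tcp land": "tcp land", "syn-flood": "tcp syn-flood",
}
SCREEN_RE = re.compile(r"^set security screen ids-option (\S+) (.+)$")
ZONE_RE = re.compile(r"^set security zones security-zone (\S+) screen (\S+)$")

# Constructed sample: two screens are missing and the profile only alarms.
SAMPLE = """\
set security screen ids-option untrust-screen icmp ip-sweep threshold 5000
set security screen ids-option untrust-screen tcp port-scan threshold 5000
set security screen ids-option untrust-screen tcp syn-fin
set security screen ids-option untrust-screen tcp fin-no-ack
set security screen ids-option untrust-screen tcp tcp-no-flag
set security screen ids-option untrust-screen tcp land
set security screen ids-option untrust-screen tcp syn-flood attack-threshold 200
set security screen ids-option untrust-screen ip spoofing
set security screen ids-option untrust-screen alarm-without-drop
set security zones security-zone untrust screen untrust-screen
"""

def audit(config, zone):
    """Return a list of findings for the screen profile bound to `zone`."""
    profiles, bound = {}, None
    for line in map(str.strip, config.splitlines()):
        if m := SCREEN_RE.match(line):
            profiles.setdefault(m.group(1), []).append(m.group(2))
        elif (m := ZONE_RE.match(line)) and m.group(1) == zone:
            bound = m.group(2)
    if bound is None:
        return [f"zone {zone}: no screen profile bound"]
    stmts = profiles.get(bound, [])
    findings = []
    if "alarm-without-drop" in stmts:
        findings.append(f"{bound}: alarm-without-drop set, matches are logged but not dropped")
    for name, stmt in REQUIRED.items():
        if not any(s == stmt or s.startswith(stmt + " ") for s in stmts):
            findings.append(f"{bound}: '{name}' screen not configured ({stmt})")
    return findings
```
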
THANK YOU