SistemOdasi.net / Bilgisayar / Firewall / Juniper ( SSG - SRX - NS - J) / Juniper - Junos - Syn Flood Protection CLI

Bu Konuyu Okuyanlar: 1 ZiyaretÇi
Cevapla 
 
DeÄŸerlendir:
  • 0 Oy - 0 Yüzde
  • 1
  • 2
  • 3
  • 4
  • 5
Juniper - Junos - Syn Flood Protection CLI
10-20-2010, 02:36 PM
Mesaj: #1
ozsarman Dışarıda
Administrator
*******
 		Mesajlar: 653
Katılma Tarihi: Mar 2010
Rep Puanı: 0
Teþekkürler: 0
0 Mesajýna 0 Teþekkür edildi.
Juniper - Junos - Syn Flood Protection CLI
1.Set interfaces.

user@host# set interfaces ge-0/0/0 unit 0 family inet address 1.2.2.1/24
user@host# set interfaces fe-1/0/0 unit 0 family inet address 1.1.1.1/24
user@host# set security zones security-zone zone_dmz interfaces ge-0/0/0.0
user@host# set security zones security-zone zone_external interfaces fe-1/0/0.0

2.Define addresses.

user@host# set security zones security-zone zone_dmz address-book address ws1 1.2.2.10/32
user@host# set security zones security-zone zone_dmz address-book address ws2 1.2.2.20/32
user@host# set security zones security-zone zone_dmz address-book address ws3 1.2.2.30/32
user@host# set security zones security-zone zone_dmz address-book address ws4 1.2.2.40/32
user@host# set security zones security-zone zone_dmz address-book address-set web_servers address ws1
user@host# set security zones security-zone zone_dmz address-book address-set web_servers address ws2
user@host# set security zones security-zone zone_dmz address-book address-set web_servers address ws3
user@host# set security zones security-zone zone_dmz address-book address-set web_servers address ws4

3.Configure policy.

user@host# set security policies from-zone zone_external to-zone zone_dmz policy id_1 match source-address any
user@host# set security policies from-zone zone_external to-zone zone_dmz policy id_1 match destination-address web_servers
user@host# set security policies from-zone zone_external to-zone zone_dmz policy id_1 match application junos-http
user@host# set security policies from-zone zone_external to-zone zone_dmz policy id_1 then permit

4.Configure SCREEN options.

user@host# set security screen ids-option zone_external-syn-flood tcp syn-flood alarm-threshold 250
user@host# set security screen ids-option zone_external-syn-flood tcp syn-flood attack-threshold 625
user@host# set security screen ids-option zone_external-syn-flood tcp syn-flood source-threshold 25
user@host# set security screen ids-option zone_external-syn-flood tcp syn-flood timeout 20
user@host# set security zones security-zone zone_external screen zone_external-syn-flood
Özdemir Şarman
aka (Charmant-zavanetratan)
Web Sayfasını Ziyeret Edin Tüm Mesajlarını Bul
Alıntı Yaparak Cevapla
Cevapla 


  • RSS
  • del.icio.us
  • StumbleUpon
  • Digg
  • TwitThis
  • Facebook
  • Reddit
  • Google
  • YahooMyWeb
  • E-mail

Benzeyen Konular
Konu: Yazar Cevaplar: Gösterim: Son Mesaj
  Juniper SRX üzerinde ADSL2/2+ Mini-Physical Interface Modules (Mini-PIMs) kartı root 0 270 06-17-2011 03:57 PM
Son Mesaj: root
  Juniper SRX 'de rescue configuration nedir? root 0 334 06-10-2011 11:18 AM
Son Mesaj: root
  Juniper SRX ADSL + 3G + Dial-Up Modem Yedek Hatlı Kurulum ÖrneÄŸi root 0 697 05-27-2011 03:03 PM
Son Mesaj: root
  Juniper J ve SRX Serilerinde NAT kuralı limiti nedir? root 0 194 05-27-2011 02:22 PM
Son Mesaj: root
  Juniper SSG ürününde SIP desteÄŸi varmıdır? root 0 334 02-07-2011 05:11 PM
Son Mesaj: root
  Juniper Security Ãœrünleri İçin Raporlama ve Yönetim Araçları Varmıdır? root 0 359 02-07-2011 05:04 PM
Son Mesaj: root
  Juniper SRX üzerinde J-flow konfigürasyon örneÄŸi root 0 547 02-07-2011 04:19 PM
Son Mesaj: root
  Juniper SSG140 License Key Ekleme ve Silme ozsarman 0 1,179 06-04-2010 09:36 AM
Son Mesaj: ozsarman
  Juniper SSG 140 Nasil Reboot Edilir? ozsarman 0 590 06-04-2010 09:26 AM
Son Mesaj: ozsarman
  Juniper SSG Ãœzerinde Teamviewer Nasil Bloklanır? ozsarman 0 465 04-29-2010 12:06 PM
Son Mesaj: ozsarman

Forum Atla:


İletişim | SistemOdasi.net | Yukarıya dön | İçeriğe Dön | RSS
site ekle
Zirve100 Toplist