What is source routing attacks?
To find the route that packets take through your network, attackers use IP source route attacks. The attacker sends an IP packet and uses the response from your network to get information about the operating system of the target computer or network device.
What match criteria does an SRX Series device’s Network Processing Unit NPU use to determine if a flow already exists for a packet?
To determine if a flow exists for a packet, the NPU attempts to match the packet’s information to that of an existing session based on the following match criteria: Source address. Destination address. Source port.
What are Screens in juniper SRX?
Screen options on SRX Series devices are used to prevent attacks, such as IP address sweeps, port scans, denial of service (DOS) attacks, ICMP, UDP, and SYN floods. For information about the types of attacks and how to prevent them, see Screens Options for Attack Detection and Prevention.
What is transit traffic in Juniper?
-> Transit Traffic is the traffic that is passing via the junos device. -> Transit Traffic is forwarded from one ingress port to multiple egress ports based upon type of the traffic ( unicast or multicast) using forwarding table. -> Transit Traffic is handled by Packet Forwarding Engine only.
How do I disable IP source routing?
Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> “MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)” to “Highest protection, source routing is completely disabled”.
What is Juniper SPU?
The Juniper Networks enterprise-specific Services Processing Unit (SPU) Monitoring Objects MIB, jnxJsSecPolicyMIB, whose object ID is {jnxJsSPUMonitoringMIB 1}, defines the MIB for SPU monitoring for SRX5600 and SRX5800 services gateways.
Which of the following are supported mini physical interface modules mini PIMS on an SRX Series Services Gateways choose three?
DOCSIS. Feedback : The SRX Series Services Gateways support the following Mini-Physical Interface Modules: 1-Port Small Form-Factor Pluggable (SFP), 1-Port Gigabit Ethernet Small Form-Factor Pluggable (SFP), ADSL2+, DOCSIS, G. SHDSL, Serial, T1/E1, and VDSL2.
What is Exception traffic in Juniper?
Exception Traffic is traffic that is destined for the local system. For example if you wanted to check if the router up, you would ping its loopback address. This would be regarded as Exception Traffic, as packets destined for a device requires additional processing by the Routing Engine.
What are three examples of exception traffic?
Examples of EXCEPTION traffic: SCP traffic that enters one interface and exits another interface on local router: True/False. SCP traffic that is destined for router’s loopback interface: True/False. SFTP traffic that enters one interface and is destined for a local physcial interface: True/False.
Is source routing disabled on the router?
–> Cisco routers normally accept and process source routes. Unless a network depends on it, source routing should be disabled. –> Attackers can use source routing to probe the network by forcing packets into specific parts of the network.