Attackers can use the record route, timestamp, security, and stream ID IP options for reconnaissance or for some unknown but suspect purpose. To detect packets with these options set, use either the J-Web or JUNOS CLI configuration editor.
- user@host# set security screen ip-record-route ip record-route-option
- user@host# set security screen ip-timestamp-opt ip
timestamp-option
- user@host# set security screen ip-security-opt ip security-option
- user@host# set security screen ip-stream-opt ip stream-option
- user@host# set security zones security-zone zone screen
ip-record-route-opt
- user@host# set security zones security-zone zone screen
ip-timestamp-opt
- user@host# set security zones security-zone zone screen
ip-security-opt
- user@host# set security zones security-zone zone screen
ip-stream-opt
