[Contents]
[Prev]
[Next]
[Index]
[Report an Error]
Screen Options for Detecting IP Options Used For Reconnaissance
The following screen options detect IP options
that an attacker can use for reconnaissance or for some unknown but
suspect purpose:
-
Record Route: JUNOS software detects packets where the IP option
is 7 (Record Route) and records the event in the screen counters list
for the ingress interface.
-
Timestamp: JUNOS software detects packets where the IP option list includes
option 4 (Internet Timestamp) and records the event in the screen
counters list for the ingress interface.
-
Security: JUNOS software detects packets where the IP option is 2 (Security)
and records the event in the screen counters list for the ingress
interface.
-
Stream
ID: JUNOS software detects packets where the IP option is 8
(Stream ID) and records the event in the screen counters list for
the ingress interface.
If a packet with any of the previous IP options
is received, JUNOS software flags this as a network reconnaissance
attack and records the event for the ingress interface.
[Contents]
[Prev]
[Next]
[Index]
[Report an Error]
