For example, I will configure unicast RPF (reverse-path forwarding) on Juniper MX204.
Continue reading “Juniper. Configuring RPF in Dynamic Profiles”
RPF allows you to reduce the impact of DOS-type attacks on IPv4 and IPv6 interfaces.
Once it was necessary to clean the smoke chamber of the Ajax FireProtect Plus sensor, as a dust alarm was triggered (an audible signal was periodically emitted from the sensor itself and a notification in the application).
Continue reading “Cleaning the chamber of the FireProtect Plus Ajax sensor”
Once I discovered on the graphs a large burst of Multicast packets on one of the ports of the Cisco Nexus 3064 switch, while the CPU load increased to 30%, before that it was 12% with L2 traffic of 13 Gbit/s.
Continue reading “High CPU load on Cisco Nexus 3064”
In this article, I will briefly describe the principle of DDoS DNS Amplification attacks.
Continue reading “Description of DNS Amplification Attacks”
OCSP is a protocol for checking the validity of certificates, that is, to make sure that they have not been revoked and whether they were actually issued. Enabling OCSP Stapling on the web server side allows you to increase the speed of site opening, since the request to the certification authority is made not by the browser, but by the web server.
Continue reading “Configuring OCSP Stapling”
In this article, I will give an example of SNMP Traps display about Loop Detect in Zabbix.
Continue reading “Displaying SNMP Traps about Loop Detect in Zabbix”
BNG Blaster is a testing tool, it can create thousands of virtual PPPoE and IPoE clients to test the performance of access servers, it also supports IGMP, QinQ, IPv6, etc.
Continue reading “Using BNG Blaster”
In this article I will give an example of detecting and blocking the sending of spam messages behind a NAT server.
Continue reading “Blocking SPAM behind a NAT server”
Aircrack-ng is a set of programs designed to detect wireless networks, intercept traffic transmitted over wireless networks, audit WEP and WPA/WPA2-PSK encryption keys (strength test).
Continue reading “Installing and configuring Aircrack-ng”
Official site: www.aircrack-ng.org