3/22/09

Cisco Router Black hole filtering

Black hole filtering is a technique usually used by service providers for traffic filtering without applying access-lists.

The technique is very useful in mitigation of many types of DOS attacks. The idea behind Black hole filtering is very simple; just define the traffic you want to discard and configure a static route pointing to the Null0 interface.

The following rules summarize the technique:

  • Define the suspected traffic by destination.
  • Configure static route pointing this destination to null0.
Black hole filtering is based on the destination address of the packet.
Packets directed to the Null interface are just discarded.
Static routes to the Null0 interface use the same rules of normal static routes (redistribution, AD, etc..).

Example:

!-- packets destined to 195.226.123.200 disarded
ip route 195.226.123.200 255.255.255.255 null0

!-- Disable ICMP unreachable packets
int null0

no ip unreachables



at
Labels: , ,

How to Change JKS KeyStore Private Key Password

Use following keytool command to change the key store password >keytool  -storepasswd  -new [new password ]  -keystore  [path to key stor...

  • AIX Security Checklist
    AIX Environment Procedures The best way to approach this portion of the checklist is to do a comprehensive physical inventory of the server...
  • How to Change JKS KeyStore Private Key Password
    Use following keytool command to change the key store password >keytool  -storepasswd  -new [new password ]  -keystore  [path to key stor...