DDoS Protection with NetFlow

DDoS Protection: The Problem with NetFlow

“Netflow collection.” This is what I kept hearing from DDoS providers when I asked how they monitored networks.  But there are a couple problems with utilizing NetFlow. Problem 1: Sampling Rates… I’ve very rarely seen a sampling rate of 1 on routers.  Cisco’s CRS shelves and ASR9ks as well as Juniper’s TX Matrix Plus and MX960s are certainly capable … Continue Reading

Denial of Service @JuniperNetworks SRX Firewalls #whitehat

So my job as a Network Security Engineer is to test networks and devices for stress and vulnerability.  I haven’t ever uncovered anything that hasn’t already been discovered, but there seems to be a pretty serious design flaw in the traffic handling on high-end Juniper SRX firewalls. The high-end Juniper SRX firewalls are massive stateful … Continue Reading