Junos OS


Ask questions and share experiences about Junos OS.
  • 1.  Whitelist - IP

    Posted 08-13-2017 21:40

    Hello guys, I found this link to whitelist an IP.

    https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/security-edit-white-list.html

    It has this syntax:

    white-list name {
    destination-address [address];
    source-address [address];
    }
     
    Is this correct to white-list an IP?
     
    Thanks.


  • 2.  RE: Whitelist - IP
    Best Answer

    Posted 08-14-2017 03:18

    This document shows how to white list for this specific Screen filter.  You would use this only after you have found that a legitimate host performing an approved application was hitting this specific Screen (tcp syn-flood).

     

    You would use this if you have a high volume application that might trigger the tcp syn check but is legitimate and you don't want to increase the limit to add risk from other servers and you don't want the syn check delay from the server you know will hit the limit.
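
The placement described in the answer above, shown as a full hierarchy (an added example, not part of the original posts or the linked Juniper page): the white-list sits inside the tcp syn-flood option of one Screen, so only the listed addresses are exempted from that SYN check while the limits still apply to everything else entering the zone. The screen name, list name, zone name, addresses and threshold values are constructed for illustration.

```junos
security {
    screen {
        /* "untrust-screen" is a hypothetical screen name */
        ids-option untrust-screen {
            tcp {
                syn-flood {
                    /* constructed limits; they stay in force for all non-listed hosts */
                    alarm-threshold 1024;
                    attack-threshold 200;
                    source-threshold 1024;
                    destination-threshold 2048;
                    timeout 20;
                    /* "approved-app" is a hypothetical list name */
                    white-list approved-app {
                        /* documentation-range addresses standing in for the approved client and server */
                        source-address 192.0.2.10/32;
                        destination-address 198.51.100.20/32;
                    }
                }
            }
        }
    }
    zones {
        /* the Screen only takes effect on zones it is attached to */
        security-zone untrust {
            screen untrust-screen;
        }
    }
}
```

Keeping the entries as narrow as the application allows (single hosts rather than whole subnets) limits how much traffic bypasses the SYN check.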



  • 3.  RE: Whitelist - IP

    Posted 08-14-2017 21:09

    Thanks spuluka, I never understood the link properly.

     

    Thank you so much for the explanation.

     

    I think it might be useful for some pen testing?  Or not?



  • 4.  RE: Whitelist - IP

    Posted 08-15-2017 02:28

    It would depend on the purpose of the pen test.  If the pen test is for the purpose of testing outsider access to the infrastructure and the effectiveness of the defense, then you would not want to white list the testing ip address.

     

    But if the purpose is to test the servers themselves, then you would want to disable the screens that would apply for the pen testing ip address. 



  • 5.  RE: Whitelist - IP

    Posted 08-24-2017 18:37

    Thanks for the insights.