Home » Security


Black hole filtering

Black hole filtering is a technique usually used by service providers for traffic filtering without applying access-lists. The technique is very useful in mitigation of many types of DOS attacks. The idea behind Black hole filtering is very simple; just define the traffic you want to discard and configure a static route pointing to the Null0 interface. The following rules summarize the technique: Define the suspected traffic by destination. Configure static route pointing this destination to null0. Black hole filtering is based on the destination address of the packet. Packets directed to the Null interface are just discarded. Static routes …

Read More »

MPLS VPN security threats

MPLS L3 VPN services is widely used nowadays by many enterprises and organizations. They provide a lot of flexibility in connecting different sites compared to L2VPN services and offloads a lot of the responsibilities from the enterprise to the provider. I have gained all my networking experience in service provider environments, and have seen very little number of customers taking VPN security seriously. While  for most of them security is a very critical issue to consider. Banks, Travel agencies and stock brokerages have very critical applications that require a high level of security planning.

Read More »

Unicast Reverse Path Forwarding

In order for a router to perform its function of forwarding packets it only needs to look at the destination address of the IP packet and never at the source; this allows an attacker to send malformed IP packets using spoofed source IP address and your routers will simply forward these malformed packets to their destinations. Unicast reverse path forwarding is feature used by network administrators to mitigate the problems caused by address spoofing attacks. When RPF is enabled on an interface, the router examines the source address of each packet it received to make sure it is existing in …

Read More »

Limiting non-business related applications during work hours

In this post we will explore how to limit or even stop your employees from using applications that are not related to the business during work hours. In the following example I am going to use HTTP as an example for unwanted applications, you can specify any type of application you would like to limit or stop (file sharing, chatting, downloading ..) Configuration Steps: 1- create your time range in which these applications will be deined as show below !– This timerange matches everyday from 9am to 5pm expcet weekends time-range WEEKDAYS periodic weekdays 9:00 to 17:00 2- Identify non-business …

Read More »