[nos-bbs] Jnos memory leak with forwarding

Brian n1uro at n1uro.ampr.org
Fri Oct 20 09:22:49 EDT 2017


On Fri, 2017-10-20 at 09:58 +0200, Gustavo Ponza wrote:

> TNX for this on deep explanation. Hope to study the fail2ban
> as soon the time permit.
This may be a little moot, I'll explain why below.

> However Maiko made a great job on this 'tcp access' and
> 'blacklist' features and I'm confident that almost many
> if not all accesses should be banned :)

If you're running your JNOS like a VM, then fail2ban would be totally
useless as the frames would never even go through it for it to see a
potential attack. The path of the frames would go like this:

inet cloud <--> CPE/Router|DMZ <--> JNOS VM (192.x.x.x)

In this instance, Maiko's (very effective) tools work great!..

Where as if you simply use tun/tap and have your kernel act as a 44/8
router then fail2ban would be effective since the packet paths would go:

inet cloud <--> CPE/Router|DMZ <--> Linux Kernel|fail2ban <--> JNOS

Of course, if you're really crafty you can write your own rules that can
accomplish the same goal as fail2ban.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part
URL: <http://lists.tapr.org/pipermail/nos-bbs_lists.tapr.org/attachments/20171020/b2f9bbf2/attachment.asc>

More information about the nos-bbs mailing list