Intrusion Prevention

Juniper's solution to mitigate SYNful Knock

10-29-2015 05:08 AM

The current issue with Cisco generation 1 routers (SYNful Knock): what has Juniper done to mitigate this malware attack on networks? Cisco is using it against Juniper.

Thanks.


Re: Juniper's solution to mitigate SYNful Knock

‎01-17-2016 10:11 PM

Hi,

If you are looking for an IDP signature to help with this issue, then check this link:

http://services.netscreen.com/documentation/signatures/TROJAN%3ASYNFUL-KNOCK-CNC.html

---------------------------------------------------------------------------------------------------------------------------------

TROJAN:SYNFUL-KNOCK-CNC - TROJAN: Cisco SYNful Knock Attack Malware C&C Request

Severity: HIGH

Description:

This signature detects Cisco SYNful Malware Knock Beacon C&C traffic over HTTP (port 80).

The source IP host is infected and should be removed from the network for analysis.

---------------------------------------------------------------------------------------------------------------------------------

Regards,

Srinath

Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too