Juniper custom IDP signatures
Anyone have any experience writing Juniper custom IDP signatures? I'm just starting on this journey now and am hoping others here have already acquired this obscure knowedge and wisdom. I'm also interested is anyone has built an IDP signature testing lab entirely from VMs. There's gotta be a blog about all this somewhere.
Comments
-
Aldur
Member Posts: 1,460
I've never done this, but I'll do some searching and see what I can find.
Also, as a side note, I'm going to be doing some testing in VMs with SRX images. So, hopefully I can provide some help there too."Bribe is such an ugly word. I prefer extortion. The X makes it sound cool."
-Bender -
JDMurray
Admin Posts: 13,091 Admin
Thanks. Any idea what version of FreeBSD JunOS v11 images are running on? The most current info I could find is JUNOS 8.5 is based on FreeBSD 6.1, which is nearly six years old. I'd really like to know what FreeBSD kernel JunOS 11.x is optimized for so I know what to install in my VMs.
Using the uname command on an SRX only shows JunOS info. Juniper seems to have done a fairly thorough job of covering up FreeBSD--except for the copyright and license info, of course. -
Aldur
Member Posts: 1,460
No idea off the top of my head for 11.x, I think 10.x is based off of FreeBSD 7, so it might be a good place to start."Bribe is such an ugly word. I prefer extortion. The X makes it sound cool."
-Bender -
JDMurray
Admin Posts: 13,091 Admin
I'm hoping JunOS 11 is FreeBSD 8. I need to find a FreeBSD expert that knows how to tell the version of FreeBSD just by looking at certain system files.
Thanks.