Table of Contents
Advertisement
Juniper Advanced Threat Prevention Appliance
Table 5-15 set proxy
Parameters
Example
set honeypot (collector mode)
Table 5-16 set honeypot
Description
Product(s) CLI
Mode(s)
Syntax
Example
98
inside
outside
add
remove
The following example sets an inside data path proxy:
JATP(collector)# set proxy inside 10.1.1.1 53
The following example sets an outside data path proxy:
JATP(collector)# set proxy inside 10.2.1.1
Enables and disables the SSH-Honeypot feature for a Traffic Collector.
A honeypot can be deployed within a customer network to detect network activity
generated by malware attempting to infect or attack other machines in a local area
network. These attempted SSH logins can be used to supplement detection of
lateral spread.
There are two parameters that can be set for a honeypot:
• Enable/disable a honeypot
• Set a Static IP (IP, mask, and gateway) or DHCP of a publicly addressable inter-
face
show honeypot
See Also:
All-in-One | Collector
collector
(collector)# set honeypot ssh-honeypot enable dhcp
(collector)# set honeypot ssh-honeypot enable address (IP
address) netmask (subnet IP) gateway (IP address)
(collector):# set honeypot ssh-honeypot disable
The following example enables the SMB parser for lateral detections:
set honeypot ssh-honeypot enable
(collector)#
address 1.2.3.4 netmask 255.255.0.0 gateway
1.2.3.1
NOTE
The static IP configuration does not require configuring DNS.
Honeypots do not require a DNS server at this time.
Copyright© 2018, Juniper Networks, Inc.
Sets the inside proxy IP addresses
Sets the outside proxy IP addresses
Adds a proxy configuration.
Removes a proxy configuration.
command in show (collector mode)
Advertisement
Table of Contents
