Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Configure Reverse Shell Detection

Configure Reverse Shell Detection on SRX Series Firewall

A reverse shell allows the attacker to bypass firewalls and other security mechanisms to open the ports to the target system. It takes advantage of the vulnerabilities in the target system to start a shell session and access the system remotely. Reverse shell detection helps you to detect shell attacks and prevent potential data thefts. For more information, see Juniper Advanced Threat Prevention Cloud User Guide.

To enable reverse shell detection on SRX Series Firewalls, include the following CLI configurations:

  1. Configure the SecIntel profile and policy.

  2. Assign the SecIntel policy to a security firewall policy.

Use the show services security-intelligence statistics command to view the security intelligence statistics.

show services security-intelligence statistics

Use the show services security-intelligence category summary command to view the summary of security intelligence category.

show services security-intelligence category summary