jnxJsScreenMonAddrSpoof

One method to gain access to a restricted network is to insert 
a bogus source address in the packet header to make the packet 
appear to come from a trusted source. This technique is called 
IP spoofing. The mechanism to detect IP spoofing relies on 
route table entries. 
                 
For example, if a packet with source IP address 10.1.1.6 arrives 
at port eth3, but the device has a route to 10.1.1.0/24 through 
port eth1. IP spoofing checking notes that this address arrived 
at an invalid interface as defined in the route table. A valid
packet from 10.1.1.6 can only arrive via eth1, not eth3.  The 
device concludes that the packet has a spoofed source IP address 
and discards it. 
              
This attribute records the address spoofing attack packets.

MIB

JUNIPER-JS-SCREENING-MIB

OID

.1.3.6.1.4.1.2636.3.39.1.8.1.1.1.1.7

Type

column

Access

readonly

Status

current

Parent

jnxJsScreenMonEntry