Possible Sudden Uptick in ASA DOS?
Hugo Slabbert
hugo at slabnet.com
Wed Jul 8 17:11:02 UTC 2015
On Wed 2015-Jul-08 16:58:24 +0000, Mark Mayfield <Mark.Mayfield at cityofroseville.com> wrote:
>Come in this morning to find one failover pair of ASA's had the primary crash and failover, then a couple hours later, the secondary crash and failover, back to the primary.
>
>Another pair running the same code had the primary crash and fail in the same time window.
>
>So, three crashes in 4 hours in our environment.
>
>Open a TAC case on one of these for post-mortem analysis, and they interpreted the crash dump to point at a DOS bug first published in Oct.
>
>The very interesting thing; on the phone the TAC engineer said this was "the 10th one of these I've dealt with this morning".
>
>Here's the bug they reference:
>https://tools.cisco.com/bugsearch/bug/CSCul36176/?reffering_site=dumpcr
>
>Anyone else have observations to add on this?
Not sure about ASA-specific DoS and the bug you're pointing at, but we saw
some NTP reflection this morning. Then there's the WSJ, NYSE, and UAL from
this morning as well. Rough day on the internets?
>
>Mark Mayfield
>City of Roseville - AS 54371
>Network Systems Engineer
>
>2660 Civic Center Drive
>Roseville, MN 55113
>651-792-7098 Office
>
--
Hugo
hugo at slabnet.com: email, xmpp/jabber
PGP fingerprint (B178313E):
CF18 15FA 9FE4 0CD1 2319
1D77 9AB1 0FFD B178 313E
(also on textsecure & redphone)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20150708/e5944a29/attachment.sig>
More information about the NANOG
mailing list