[nsp] PIX
Christopher McCrory
cisco-nsp <cisco-nsp@puck.nether.net>
Mon, 09 Sep 2002 07:38:42 -0700
Hello...
odusseus wrote:
> Hi,
>
>>From the firewall's log (Cisco Pix 515), I got 22,000 messages from the same source IP address to the same IP destination
> saying that: "invalid transport number, in which [...] destination port number for a protocol is zero."
My money is on this being a probe. IIRC firewalk,
http://www.packetfactory.net/Projects/Firewalk, uses port 0 by default.
>
>
> Is it possible that someone sending a large amount of traffic to the firewall make this firewall unusable due to a cpu rate to
> high ?
>
> Is it possible to pass through the firewall which is not able to filter any traffic due to its cpu high rate ?
>
> Thank you.
>
> Regards
>
> Christophe
>
>
> ------------------------------------------
>
> Faites un voeu et puis Voila ! www.voila.fr
>
> _______________________________________________
> cisco-nsp mailing list real_name)s@puck.nether.net
> http://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
--
Christopher McCrory
"The guy that keeps the servers running"
chrismcc@pricegrabber.com
http://www.pricegrabber.com
Let's face it, there's no Hollow Earth, no robots, and
no 'mute rays.' And even if there were, waxed paper is
no defense. I tried it. Only tinfoil works.