[nsp] Pix 6.3(3) and UDP issues
Scott Morris
swm at emanon.com
Thu Sep 25 10:09:06 EDT 2003
No, no marking to be deleted... Just open connections, and were to port
53 udp. They had minimal byte counts, which suggests a DNS transaction.
But otherwise, looked like a normal connection with high idle time.
Scott
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Turpin Mark
Contr AFCA/GCF
Sent: Thursday, September 25, 2003 10:04 AM
To: cisco-nsp at puck.nether.net
Subject: RE: [nsp] Pix 6.3(3) and UDP issues
> -----Original Message-----
> From: Scott Morris [mailto:swm at emanon.com]
> Sent: Thursday, September 25, 2003 7:42 AM
> To: 'Olav Langeland'; tgrace at tgrace.com; cisco-nsp at puck.nether.net
> Subject: RE: [nsp] Pix 6.3(3) and UDP issues
>
>
> Yup, that's correct. I saw it more with incoming connections than
> outgoing, but I didn't really spend much time sifting through the
> thousands and thousands of DNS connections still open LONG after they
> should have been closed. :)
[snip]
Scott,
Were the connections marked to be deleted? In other words, did the
connections have the 'd' flag, or just the DNS 'D' flag?
cheers,
-Mark
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list