I work as a Network Security Administrator for an ISP. We have two failover bundled PIX 525 firewalls with version 6.3(3). Recently the CPU usage of the firewall became nearly 100%, denying access to our services from outside. After failing over to the secondary and performing the sh conn command, I see that there are a lot of DNS requests to our DNS servers. I shut down the secondary DNS and it seems the CPU usage of the firewall drops down a little bit. What is causing the high CPU usage? Is this a DoS attack on our DNS?
Please help me with this.