My network went down yesterday - 8 4006 and 2 6506 went down - rebooted. Cause of the problem, a firewall specialist ran a scan on Apache on the network - this caused all the switches to reload - is there any way to stop this - can be accomplished by configuring SNMP access-lists and using different ports except port 80. Please advise.
Put the management VLAN and IP addresses for the switches on a different segment. If whatever the scan was doing plowed through a router to get to the switches, it sounds pretty nasty. Put a sniffer on the line and see exactly what is going on, that's the first step for sure.
Would it be possible to get the details of exactly what scan and software he was running at the time? I would be very interested in knowing the explicit vulnerability that was hit. Have you opened a TAC case on this yet or alerted Cisco security?