Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Nachi is for the devil! Flow QoS question

Reply
Thread Tools

Nachi is for the devil! Flow QoS question

 
 
Smash
Guest
Posts: n/a
 
      11-25-2003
Bom Dias folks,

I am having a heck of a time with remote connectivity to 2 of my
2600 series routers. The problem is that Nachi is bogging the routers
memory and CPUs down so much that I cannot establish a connection.
I am confident of this because when I console in and setup icmp acl's
for
the hosts that are shown in #sh ip cache flow | include 0800
I am able to get back in and the processor and memory usage goes down
dramatically.

Is there any way that I can set up some sort of QoS to allow me to
remote in if this is happening? (Short of breaking the 92 byte icmp
cabability of traceroute etc.)

Thanks for your folks input.

!Brian
 
Reply With Quote
 
 
 
 
Walter Roberson
Guest
Posts: n/a
 
      11-25-2003
In article <(E-Mail Removed) >,
Smash <(E-Mail Removed)> wrote:
:I am having a heck of a time with remote connectivity to 2 of my
:2600 series routers. The problem is that Nachi is bogging the routers
:memory and CPUs down so much that I cannot establish a connection.

:Is there any way that I can set up some sort of QoS to allow me to
:remote in if this is happening? (Short of breaking the 92 byte icmp
:cabability of traceroute etc.)

traceroute does not use 92 byte icmps -- traceroute uses udp.

Perhaps you are thinking of the Windows program tracert
which -does- use 92 byte icmps for its tracing.

My suggestion would be to get a different version of traceroute
and then block those 92 byte icmp packets.

There are probably some free traceroute utilities for windows.
When I look on the net quickly, I happen to find a selection of shareware
utilities: see http://www.labmice.net/Utilities/traceroute.htm
for those.
--
Warning: potentially contains traces of nuts.
 
Reply With Quote
 
 
 
 
Smash
Guest
Posts: n/a
 
      11-26-2003
Thanks for the clarification between traceroute and tracert.
I did indeed mean tracert.





http://www.velocityreviews.com/forums/(E-Mail Removed)-cnrc.gc.ca (Walter Roberson) wrote in message news:<bq048q$71o$(E-Mail Removed)>...
> In article <(E-Mail Removed) >,
> Smash <(E-Mail Removed)> wrote:
> :I am having a heck of a time with remote connectivity to 2 of my
> :2600 series routers. The problem is that Nachi is bogging the routers
> :memory and CPUs down so much that I cannot establish a connection.
>
> :Is there any way that I can set up some sort of QoS to allow me to
> :remote in if this is happening? (Short of breaking the 92 byte icmp
> :cabability of traceroute etc.)
>
> traceroute does not use 92 byte icmps -- traceroute uses udp.
>
> Perhaps you are thinking of the Windows program tracert
> which -does- use 92 byte icmps for its tracing.
>
> My suggestion would be to get a different version of traceroute
> and then block those 92 byte icmp packets.
>
> There are probably some free traceroute utilities for windows.
> When I look on the net quickly, I happen to find a selection of shareware
> utilities: see http://www.labmice.net/Utilities/traceroute.htm
> for those.

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
NACHI-B : WHITE WORM ? sam1967@hetnet.nl Computer Security 3 02-13-2004 10:00 PM
Nachi-A worm consumed all of router's memory? duder Cisco 1 12-12-2003 08:40 PM
Nachi/Welchia Number One active worm on local ISP and possibly in the World Blake McNeill Computer Security 0 11-18-2003 05:04 PM
worm/nachi ~misfit~ NZ Computing 28 09-23-2003 09:42 AM
New anti-blaster worm attempts to fix RPC/DCOM vuln - W32/Nachi.worm Lord Shaolin Computer Security 6 08-20-2003 10:39 PM



Advertisments