denial of service attack?

Discussion in 'Cisco' started by tony, Apr 30, 2004.

  1. tony

    tony Guest

    I am getting the strangest occurrences. I have a managed IPVPN
    network through a major ISP and it seems that something is bringing
    down each remote IPVPN site we have in a certain order by ip-address.
    What could be causing this? We hooked up a sniffer on our local
    network and didn't find anything that seems out of the ordinary. I am
    definately missing something. As soon as one network site comes back
    up i.e 192.168.5.x then the next one will go down 192.168.6.x as if
    something is scanning the ip's on each subnet and causing the site to
    bounce every few seconds. This has been going on for 2 weeks now!!
     
    tony, Apr 30, 2004
    #1
    1. Advertising

  2. In article <>,
    tony <> wrote:
    :I am getting the strangest occurrences. I have a managed IPVPN
    :network through a major ISP and it seems that something is bringing
    :down each remote IPVPN site we have in a certain order by ip-address.
    :What could be causing this?

    You posted your question to a Cisco newsgroup. If implication
    is that Cisco equipment is installed, then I suggest you
    go to cisco.com's site and read the last several Security Advisories
    (you can use that as a search term.) Go back to roughly the October
    timeframe. Some of the advisories describe some DoS attacks that
    could potentially take down a tunnel.

    For those DoS attacks described, I would tend to think that they
    would tear down several tunnels at once (router level) rather than
    one at a time. But it would depend on how the IPVPN site was
    implimented: if you had protections right up to the point
    where the virtual interfaces were demarcated, then -possibly- you
    might see an effect such as you are seeing. But your question
    doesn't really give us a lot to go on, to rule out possibilities:
    without hardware and software information (and topology would help),
    there isn't much we can say other than "Well, there -are- fast-acting
    DoS attacks out there: is the equipment fully patched?"
    --
    Rump-Titty-Titty-Tum-TAH-Tee -- Fritz Lieber
     
    Walter Roberson, Apr 30, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    0
    Views:
    708
  2. Jim PKP

    Denial of Service Attack

    Jim PKP, Apr 2, 2004, in forum: Computer Support
    Replies:
    2
    Views:
    994
    Jim PKP
    Apr 2, 2004
  3. crb

    What does denial of service attack mean?

    crb, Apr 30, 2005, in forum: Computer Support
    Replies:
    4
    Views:
    2,151
    ellis_jay
    May 2, 2005
  4. crb

    What is a Denial of Service Attack?

    crb, May 22, 2005, in forum: Computer Support
    Replies:
    2
    Views:
    469
    127.0.0.1
    May 23, 2005
  5. Daeron

    is the current SCO denial of service attack bogus ?

    Daeron, Feb 1, 2004, in forum: Computer Information
    Replies:
    0
    Views:
    702
    Daeron
    Feb 1, 2004
Loading...

Share This Page