cisco 7200 performance issue
From: Luciano Z (user_luciano_at_yahoo.com.br)
Date: 05/21/03
- Previous message: Jerry Shenk: "RE: [ANNOUNCE] protocol watcher"
- Next in thread: Glenn Forbes Fleming Larratt: "Re: cisco 7200 performance issue"
- Reply: Glenn Forbes Fleming Larratt: "Re: cisco 7200 performance issue"
- Maybe reply: Wendy Garvin: "Re: cisco 7200 performance issue"
- Reply: Gary Flynn: "Re: cisco 7200 performance issue"
- Maybe reply: Luciano Z: "RE: cisco 7200 performance issue"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 21 May 2003 16:45:22 -0300 (ART) To: incidents@securityfocus.com
Hi!
I was responding an incident last night and saw a
strange performance problem with a cisco 7200.
When I issued a "sh interface" on the two fast
ethernets of my box it was show that I got only 6Mbps
traffic and normal packet per second rate but when I
"sh logg" the box I got a lot of
"%RCMD-4-RSHPORTATTEMPT: Attempted to connect to
RSHELL from x.y.z.w" messages with spoofed sources.
Investigating a little more I discovered that this
traffic was pushing the CPU to 98% to 100% of
utilization. Back to the output of "sh logg" I saw
that the box was logging 2 to 3 RSHELL messages per
second. In my opinion this coulndīt affect the CPU so
much. The router have 256M of RAM and itīs a 7200!
I coulndīt gather more info about this incident
because it stopped before I could get the data. The
strange thing itīs that the high CPU utilization
stopped too.
I donīt know if this is a problem of this cisco model
or if Iīm missing something. Any ideias?
[]
lwulff
_______________________________________________________________________
Yahoo! Mail
O melhor e-mail gratuito da internet: 6MB de espaįo, antivírus, acesso POP3, filtro contra spam.
http://br.mail.yahoo.com/
----------------------------------------------------------------------------
*** Wireless LAN Policies for Security & Management - NEW White Paper ***
Just like wired networks, wireless LANs require network security policies
that are enforced to protect WLANs from known vulnerabilities and threats.
Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.
To get your FREE white paper visit us at:
http://www.securityfocus.com/AirDefense-incidents
----------------------------------------------------------------------------
- Previous message: Jerry Shenk: "RE: [ANNOUNCE] protocol watcher"
- Next in thread: Glenn Forbes Fleming Larratt: "Re: cisco 7200 performance issue"
- Reply: Glenn Forbes Fleming Larratt: "Re: cisco 7200 performance issue"
- Maybe reply: Wendy Garvin: "Re: cisco 7200 performance issue"
- Reply: Gary Flynn: "Re: cisco 7200 performance issue"
- Maybe reply: Luciano Z: "RE: cisco 7200 performance issue"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
