Is there by any chance any Cisco gear in front of the Raptor? I fell into the same scenario a while back where the Cisco was the actual problem and not the FW-1. If you have mapped the public IPs I suggest looking for one. Just a thought... (I had to slow my scans down to the polite setting... yikes, was that slow.)

blue

>On Thursday 06 December 2001 06:06 pm, Stuart wrote:
>> We've run a pentest against a customer recently and found that the very act
>> of port scanning their Raptor firewall (running on NT) crippled its ability
>> to accept incoming connections for their web site. The firewall is a new
>> high spec PIII and the leased line is a decent size. The nmap scans were
>> standard timing (not T5 or anything daft) - once the scans were stopped,
>> things burst back into life within about 10 minutes.
>[ snip ]
>> Does this ring any bells with anyone? Seems very odd to me... a portscan
>> should not cause a DOS by itself...

This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service.
This archive was generated by hypermail 2b30 : Mon Dec 10 2001 - 13:23:19 PST