[181969] in North American Network Operators' Group
RE: Possible Sudden Uptick in ASA DOS?
daemon@ATHENA.MIT.EDU (Mark Mayfield)
Thu Jul 9 04:09:01 2015
X-Original-To: nanog@nanog.org
From: Mark Mayfield <Mark.Mayfield@cityofroseville.com>
To: Roland Dobbins <rdobbins@arbor.net>
Date: Wed, 8 Jul 2015 17:43:46 +0000
In-Reply-To: <6BB7E84B-E5C7-40F2-AD90-6075E491819D@arbor.net>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
Thank you sir. I read your presentation quite some time ago, probably one =
of the first times you posted to the list. It has definitely informed many=
of my design processes; particularly with regard to server publishing, and=
been a major part of my supporting documentation in arguments with others =
at my organization over the last few years.
Of course, these particular ASA implementations are for law enforcement app=
lications, so we are mandated to implement in ways that auditors from the s=
tate and federal agencies approve of.
However, this makes me consider the need to more aggressively ACL inbound t=
raffic at the router level before these particular firewalls, which I can d=
o, and may help mitigate such events, so thank you for the reminder!
Mark Mayfield
City of Roseville - AS 54371
Network Systems Engineer
2660 Civic Center Drive
Roseville, MN 55113
651-792-7098=A0=A0=A0=A0=A0 Office
-----Original Message-----
From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Roland Dobbins
Sent: Wednesday, July 08, 2015 12:18
To: nanog@nanog.org
Subject: Re: Possible Sudden Uptick in ASA DOS?
On 8 Jul 2015, at 23:58, Mark Mayfield wrote:
> Come in this morning to find one failover pair of ASA's had the=20
> primary crash and failover, then a couple hours later, the secondary=20
> crash and failover, back to the primary.
See this preso:
<https://app.box.com/s/a3oqqlgwe15j8svojvzl>
-----------------------------------
Roland Dobbins <rdobbins@arbor.net>
