Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Peculiar Unresponsivness of IP

from [Kartik] Network Security [Permanent Link]
Subject: Re: Peculiar Unresponsivness of IP
Date: Fri, 21 Dec 2007 17:01:38 +0530 
Hi All,

To Bennett- we already tried some of the things like speed/duplex,
different switchport, unplug and plugin the cable etc.

To Michael Bellears- During the outage, hen we ping the IP address
from the internet we get "Request Timed Out" but at the same time the
dice is pingable from inside network. The device can also ping the
switch at that time.

To Eric Pinkerton- The VPN device is connected via a console, and at
the time of outage the VPN device is able to ping the switch. We also
tried capturing the packets via wireshark last week and found some STP
protocol loop, we rectified it, we also disabled the CDP protocol as
it was generating a lot of packets. Despite of this the problem
exists.

To- Ong Chin Kiat- We can not alter the topology as the datacenter/
site is in a different country. Nothing has been changed on the branch
office tunnels and Does a virus or a Worm can flood the VPN device
like that? SInce the data will be tunneled and encrypted, i think this
can not be the case. What do you say? And as far as logs are
concerned, we cheked the logs and didnt find anything, we also opened
a ticket with Nortel and sent the logs to them but unfortunately they
also said "Everything lokks to be good"

On Dec 20, 2007 6:41 PM, Kartik <kartik.netsec@gmail.com> wrote:

Hi,

We have been facing a peculiar issue since last 15 days, what happens
is that ONE of our Public IP addresses which is assigned to a Nortel
VPN device gets unreachable(request timed out) for 2-3 MINUTES after
every 5 to 10 HOURS. It adversely affects the Branch Office VPN
tunnels the moment the Public IP assigned to it gets unresponsive from
the internet.

The setup is like this:---- <Internet cloud>------- <Cisco Internet
Router which is inside our Network>------ <Cisco Switch>-------<Notel
VPN Device>-----<Firewall>---------<LAN> (Plz note that this setup has
been running since last 3-4 yrs without a problem)

Interestingly, When we try pinging the device (Public IP) from the
internet we get "request time out" at the time of outage but at the
same time when we try to ping the device from inside network, we are
able to ping it.

In short, when the outage occours:

1) we are able to ping the Internet Router
2) we are able to ping the Switch IP from the Router (for testing
purpose we gave the public IP to switch and at the time of outage the
public IP of switch is pingable)
3) we are NOT able to ping the Nortel VPN device
4) we are able to ping the Nortel VPN device from INSIDE NETWORK
5) we are able to ping the SWITCH from Nortel VPN device at the time of outage

The most interesting part of it is that this outage lasts for only 2-3
minutes and the connectivity automatically gets restored after 2-3
minutes. We cant even presume that when this outage will happen again.
sometimes the duration between the outages was 5hrs, sometimes 8hrs
and sometimes even 16hrs.

We opened a ticket with Nortel technical support and after all the
analysis they said that VPN device is working fine. Even we also
cheked the Cisco Switch and it also seems to be Ok.

Please suggest.

--
Thanx,
Kartik
www.hcl.in
+1 408 416 2089 X 5313
+91 9810998169





-- 
Thanx,
Kartik
www.hcl.in
+1 408 416 2089 X 5313
+91 9810998169
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Peculiar Unresponsivness of IP, Eric Pinkerton
Next by Date:  Re: IT Security project, c0unter14
Previous by Thread:  Peculiar Unresponsivness of IP, Kartik
Next by Thread:  RE: Peculiar Unresponsivness of IP, Eric Pinkerton
Indexes:  [Date] [Thread] [Top] [All Lists]