Here is the problem:
My firewall is
crashing with predictable results. Support told me to buy support. I do not have
current budget for that. Don't get me wrong, I am not bashing Support. They are
trying to make a living, as we all are. Their position is not unreasonable.
Also,
version 3.1.3 did not seem susceptible to this form of crash.
So, I am at your
mercy. Hopefully you can tell me something that makes sense of this problem.
I have reviewed my
configs and found nothing bizarre. Yet, I still see the 3.2.1 version of
Gnatbox Pro crash like clockwork.
The only odd thing I
have seen is certain traffic pointed directly at the firewall DMZ NIC. The
destination ports have been 20,21,23 and 80. The traffic was not directed
through the firewall, but to it. Odd!
RMC and WWW
management is OFF!
I added a filter to
block traffic to these ports when the DMZ nic is the destination IP. Since doing
so, the firewall logs have been going crazy. About 30,000 hits in 12 hours. Most
to port 80 (about 99.9%).
I believe most
of the traffic is originating from "Code Red" or "Nimda" infected systems
looking for a meal.
This traffic appears
to have a pattern with respect to time - every second to third week of the
month a dramatic increase in this traffic appears.
So far nothing has
gotten through. But the crashes are killing me!
Any ideas? Anyone
else seeing this type of crap???
Regards,
Danny H.
Cox
