Hi I've had a report back from one of our LAN admins telling me that Nessus scans cause the following error messages to appear on one of their Cisco 4000 routers
%IP-3-UDP_SOCKOVFL:UDP socket 2353 overflow I have searched the web and found that there is at least one Cisco bug (CSCdt86655) that causes this error message but this router has that fix on it. The Cisco descriptions of this error message say that there are too many UDP packets for a particular port arriving within a short space of time - 1ms is the time mentioned in the reports I read. I've looked at the plugin source and it appears to work by looping through all the defined community names within it and sends out packets for all of them with no pause between them. Once it has sent out a packet for all 45 community strings that are embedded within it, it waits for responses from each of them. I suspect that it is this methodology that causes the error message - perhaps it should either wait for a short time after sending each packet or it should send one/receive one not send 45/receive 45! Anyone have any thoughts on the best way to fix this? Trevor Hemsley, Security Specialist, Atos Origin Ltd, Whyteleafe, +44-(0)1883-628139 [Disclaimer: This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos Origin group liability cannot be triggered for the message content. Although the sender endeavors to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted.] _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
