Hi Karl, On April 3, 2018 9:50:39 PM UTC, Karl Fife <karlf...@gmail.com> wrote: >There was just now a sudden spike in states, ~100x the normal number, >maxing out the system max in just an hour, and causing the system to >fail. > >With a maxed out state table, of course the system fails to process >traffic. Has anyone seen something like this before, or have any ideas > >what kinds of things would look like this? > >Monitoring PNG attached.
It potentially seems like a malware or trojan trying to make connections to the hosts on the Internet. tcpdump might show what's happening. I have seen recent increase in machines infected with WannaCry or Feodo Trojans to incessantly try and connect to a lot of hosts on the Internet on port 21 or 445. It increases state count by 10x at least. Regards, Nishant -- Sent from my Android device with K-9 Mail. Please excuse my brevity. _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
