RE: Checkpoint Problems

["David Hawley" <chiman () hawaiian net>]

LOL, an interesting problem.  I can tell you that there was a bug in SunOS
3.5 that caused
the TOD (Time of Day) to fluctuate wildly, causing the entire Sun community
at the time to
suffer for a few days until the "TOD patch" could be implemented, and
dispatched.  The worst
effect I saw was that no changes could reliably be made to the "Yellow
Pages", now called
NIS (network information system) (and NIS+), the reason? any changes you
might make were seen
as older that the existing files, from the previous wild fluctuation.  We
implemented, a cron
job to do an rdate, NTP wasn't in common use back then, but presumably
implementing NTP would be a good thing.


                                     David Hawley
                          UNIX & NT Network Security, LLC.
                                drh () 123netsecurity com
                                www.123netsecurity.com



-----Original Message-----
From: firewall-wizards-admin () nfr com
[mailto:firewall-wizards-admin () nfr com]On Behalf Of Tim Chettle
Sent: Thursday, November 29, 2001 9:57 AM
To: firewall-wizards () nfr com
Subject: [fw-wiz] Checkpoint Problems


I am running Firewall 1 4.1 sp5 on Solaris 2.6 recently the time was reset
back on the platform by 6 hours which resulted in the HTTP security servers
going rogue and consuming approx 70% of cpu cycles and refused any
connections to it.

Whilst I fully appreciate that setting the clock back is a big no no what I
would like to understand is what impact that would have on the state table.
Given this behaviour what would happen if I connected the server to an NTP
server.



_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards