Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: When cat comes chasing...

From: Roland Dobbins <rdobbins () cisco com>
Date: Fri, 23 Mar 2007 15:04:51 -0700

On Mar 23, 2007, at 1:18 PM, WALI wrote:


Anyone...anything???


Could it be DNS or some other name-resolution service you're using?
Could it be the autonegotiate between the routers? Why not go ahead and nail up the link?
What's the CPU load on the routers (baselined with MRTG)? What kind of routers are they? Are they dedicated to this one link, or are they handling other connections?
There are a lot of physical stats you can get on layer-2 ports from any vendor's products, all kinds of errors to look for, etc. on the routers and the switches.
Can you enable NetFlow on the routers and export it to something like nfdump/nfsen in order to get the traffic breakdown?
Is access to other things impacted? Have you enabled spantree portfast or its equivalent on the switches? Is a spanning-tree recalc happening for some reason? The syslog from the switches should tell you that. 

Those are the kinds of things I'd look for, FWIW.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins () cisco com> // 408.527.6376 voice

        Words that come from a machine have no soul.

                      -- Duong Van Ngo


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: