On Sat, 1 Oct 2005, ed wrote:

> On Sat, 1 Oct 2005 09:05:47 -0600 (MDT)
> Diana Eichert <[EMAIL PROTECTED]> wrote:
>
> > So now my buddy, realizing it was one of his Windows systems, becomes
> > very contrite and apologizes for interrupting me at the office.
>
> I beg to differ, as nice as it is to know the windows box caused the
> many states, it's the firewall admin's fault for not increasing the state
> limit. A small limit is good, so you know something has created many
> states, but even so, the reason the firewall failed to pass traffic was
> the state limit, not because the windows box had anything to do with it.

HaHaHa, you're such a dreeb.  Try reading the story next time, but I'll
give you a quick synopsis for the reading impaired.

1. FW, running for LONG time, no problems
2. 1 day it quits "working"
3. a look reveals lots of weird entries in state table, almost as if
there's a bad NIC on outside.
4. Closer look reveals the state table is filling up in 2-20 seconds, I
repeat this FW has been running for almost 3 years, no problems
5. Oops, we find a Windows system that is spewing weird fragments to the
outside world.
6. Oh geez, it's a domain controller, it shouldn't be talking outside its
own local network, hmmm I wonder why, perhaps it was compromised?  I don't
care, I'm not the Windows admin, but it shouldn't be doing what it's
doing.
7. remove bad (BadBadBadBadBad) Windows box from network and everything
back to normal, now state table entries stabilize at 30% of limit.

So Dweeb, what you recommend is upping the state table so we can increase
the amount of crap that's leaking out from the Windows system?  Brilliant,
next time there's a Windows worm polluting the network I'll just think
"Wow, it's not a Windows problem, I just need to buy hardware that can
handle greater traffic."

you're funny

diana
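
An added example, not part of the original message or thread: one way to find the kind of host described in the synopsis, by counting state-table entries per local source that talks outside the local network and flagging any source holding a large share of the state limit. The line format, addresses, limit and threshold below are constructed assumptions, not output from the firewall in the story.

```python
import ipaddress
from collections import Counter

# Constructed sample of a state dump: "proto src:port -> dst:port" (IPv4 only).
# Format and addresses are assumptions for illustration.
def build_sample():
    lines = [
        "tcp 192.168.1.20:40001 -> 198.51.100.7:443",
        "tcp 192.168.1.21:40002 -> 198.51.100.8:80",
        "udp 192.168.1.20:5353 -> 192.168.1.1:53",
        "not a state line",
    ]
    # One internal host opening states toward many outside addresses.
    lines += [f"udp 192.168.1.5:{1024 + i} -> 203.0.113.{i % 250 + 1}:{2000 + i}"
              for i in range(60)]
    return lines

def parse_state(line):
    """Return (src_ip, dst_ip), or None if the line is not a state entry."""
    parts = line.split()
    if len(parts) != 4 or parts[2] != "->":
        return None
    try:
        src = ipaddress.ip_address(parts[1].rsplit(":", 1)[0])
        dst = ipaddress.ip_address(parts[3].rsplit(":", 1)[0])
    except ValueError:
        return None
    return src, dst

def heavy_sources(lines, state_limit, local_net, share=0.25):
    """Local sources whose outbound states exceed `share` of the state limit."""
    net = ipaddress.ip_network(local_net)
    outbound = Counter()
    for line in lines:
        parsed = parse_state(line)
        if parsed is None:
            continue
        src, dst = parsed
        if src in net and dst not in net:  # local host talking outside
            outbound[src] += 1
    threshold = state_limit * share
    return [(str(ip), n) for ip, n in outbound.most_common() if n > threshold]

if __name__ == "__main__":
    for ip, n in heavy_sources(build_sample(), state_limit=100,
                               local_net="192.168.1.0/24"):
        print(f"{ip} holds {n} outbound states")
```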
