Hi Jared, thanks for update do you know provider/source ip of the source of the attack ?
Colin > On 9 Jul 2015, at 12:27, Jared Mauch <ja...@puck.nether.net> wrote: > > Really just people not patching their software after warnings more than six > months ago: > > July-08 UPDATE: Cisco PSIRT is aware of disruption to some Cisco customers > with Cisco ASA devices affected by CVE-2014-3383, the Cisco ASA VPN Denial of > Service Vulnerability that was disclosed in this Security Advisory. Traffic > causing the disruption was isolated to a specific source IPv4 address. Cisco > has engaged the provider and owner of that device and determined that the > traffic was sent with no malicious intent. Cisco strongly recommends that > customers upgrade to a fixed Cisco ASA software release to remediate this > issue. > > Cisco has released free software updates that address these vulnerabilities. > Workarounds that mitigate some of these vulnerabilities are available. > > Jared Mauch > >> On Jul 8, 2015, at 1:15 PM, Michel Luczak <fr...@shrd.fr> wrote: >> >> >>> On 08 Jul 2015, at 18:58, Mark Mayfield <mark.mayfi...@cityofroseville.com> >>> wrote: >>> >>> Come in this morning to find one failover pair of ASA's had the primary >>> crash and failover, then a couple hours later, the secondary crash and >>> failover, back to the primary. >> >> Not sure it’s related but I’ve read reports on FRNoG of ASAs crashing as >> well, seems related to a late leap second related issue. >> >> Regards, Michel
