cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1571
Views
0
Helpful
5
Replies

FWSM restarts when pen-testing launched.

CyberSecLead
Beginner
Beginner

Dear All,

Last week both my FWSM restarted when we launched penetration testing carried towards the appliance.

Please find my pasted logs and crashinfo files attached.

I need to know the below queries.

1) How to make sure that, the FWSM restarted due to only reason being Pen-testing launch ( Provide me with the assurance from crashinfo files, with detail notes )

2) How to stop these attacks and protect my FWSM in the future.

Awaiting experts to clarify my points.

002012: Jul 16 18:02:27.295 UAE: %SNMP-5-MODULETRAP: Module 9 [Down] Trap

002013: Jul 16 18:02:27.167 UAE: %LINEPROTO-SP-5-UPDOWN: Line protocol on Interface GigabitEthernet9/5, changed state to down

002014: Jul 16 18:02:27.167 UAE: %LINEPROTO-SP-5-UPDOWN: Line protocol on Interface GigabitEthernet9/6, changed state to down

Jul 16 18:02:27.299 UAE: SP: The PC in slot 9 is shutting down. Please wait ...

002015: Jul 16 18:02:35.519 UAE: %SEC_LOGIN-5-QUIET_MODE_OFF: Quiet Mode is OFF, because block period timed out at 18:02:35 UAE Mon Jul 16 2012

Jul 16 18:02:42.301 UAE: SP: shutdown_pc_process:No response from module 9

002016: Jul 16 18:02:52.303 UAE: %C6KPWR-SP-4-DISABLED: power to module in slot 9 set off (Reset)

002012: Jul 16 18:02:27.295 UAE: %SNMP-5-MODULETRAP: Module 9 [Down] Trap

002013: Jul 16 18:02:27.167 UAE: %LINEPROTO-SP-5-UPDOWN: Line protocol on Interface GigabitEthernet9/5, changed state to down

002014: Jul 16 18:02:27.167 UAE: %LINEPROTO-SP-5-UPDOWN: Line protocol on Interface GigabitEthernet9/6, changed state to down

Jul 16 18:02:27.299 UAE: SP: The PC in slot 9 is shutting down. Please wait ...

002015: Jul 16 18:02:35.519 UAE: %SEC_LOGIN-5-QUIET_MODE_OFF: Quiet Mode is OFF, because block period timed out at 18:02:35 UAE Mon Jul 16 2012

Jul 16 18:02:42.301 UAE: SP: shutdown_pc_process:No response from module 9

002016: Jul 16 18:02:52.303 UAE: %C6KPWR-SP-4-DISABLED: power to module in slot 9 set off (Reset)

Regards / Vimal.

5 Replies 5

Hi Bro

The crash file that you've provided is corrupted but no worries. I faced similar issues as well and after upgrading my FWSM to the latested version at that time v4.7.1, the FWSM didn't crash anymore when a Pen Test is being done. I believe this was due to a software bug.

Warm regards,
Ramraj Sivagnanam Sivajanam

Hi Ramraj,

Thanks for your reply.

I need to provide a concrete info to my management, either presenting them with a software bug-id before going for an upgrade.

So it would be good if any experts come back with a clear bug information.

Many thanks.

Vimal.

Please open a TAC case for situations like this.

Adam Makovecz
Beginner
Beginner

Hi,

your crash is caused by CSCtg68694. You need to upgrade, please note 3.1.7 is an extremely old version. Try to move to 4.1.x

cheers

Adam

Thanks a lot Adam. Appreciate.

Any stable version do you recommend in the 4.1.x train.

Regards / Vimal.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers