Router Crashes with ICMP to bogus address

admin_2
Level 3

Has anyone experienced router crashes, say, when traffic is sent from the client network to an IP address such as 173.173.173.173?

We noticed that on several routers, regardless of IOS! Any feedback would be appreciated!

1 Reply

konigl
Level 7

Are you talking about specific traffic, to a specific bogus IP address? Or, are you seeing high volumes of ICMP pings to addresses not on your network?

Maybe you have one of those worms that's been going around the Internet, Blaster or Nachi. Symptoms are a high number of pings to sequential IP addresses; also connection attempts to other machines on TCP port 135 (Microsoft uses this port for Remote Procedure Calls), again with sequential IP addresses. I had a customer with just a handful of infected machines in their enterprise; traffic from them essentially shut down all routing between VLANs at their core.

Had to use a Sniffer and do some packet captures to identify the offending machines, then isolated them; and then cleaned them with utilities downloadable from the Internet.

Hope this helps.
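The symptoms described in the reply above (pings and TCP port 135 connection attempts to sequential IP addresses) can be searched for in exported flow or capture records. The following is an added example, not part of the original thread: the record layout, the sample addresses other than 173.173.173.x, and the `min_run` threshold of 20 are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample records (src, dst, proto, dst_port); not from a real capture.
SAMPLE_FLOWS = (
    [("10.1.20.57", f"173.173.173.{i}", "icmp", 0) for i in range(1, 41)]
    + [("10.1.20.88", f"10.1.30.{i}", "tcp", 135) for i in range(10, 40)]
    + [("10.1.20.12", "10.1.1.1", "icmp", 0),
       ("10.1.20.12", "10.1.1.5", "icmp", 0),
       ("10.1.20.12", "10.1.40.9", "tcp", 135),
       ("10.1.20.57", "10.1.1.10", "tcp", 443)]
)

def longest_sequential_run(addresses):
    """Length of the longest run of consecutive IPv4 addresses in a collection."""
    nums = sorted({int(ipaddress.IPv4Address(a)) for a in addresses})
    best = run = 1 if nums else 0
    for prev, cur in zip(nums, nums[1:]):
        run = run + 1 if cur == prev + 1 else 1
        best = max(best, run)
    return best

def find_sweepers(flows, min_run=20):
    """Return {(src, kind): run_length} for hosts sweeping sequential targets.

    min_run is an assumed threshold; tune it against normal traffic on the
    network being examined.
    """
    targets = defaultdict(set)
    for src, dst, proto, dport in flows:
        if proto == "icmp":
            targets[(src, "icmp-sweep")].add(dst)
        elif proto == "tcp" and dport == 135:
            targets[(src, "tcp135-sweep")].add(dst)
    hits = {}
    for key, dsts in targets.items():
        run = longest_sequential_run(dsts)
        if run >= min_run:
            hits[key] = run
    return hits

if __name__ == "__main__":
    # List candidate infected hosts to isolate and clean.
    for (src, kind), run in sorted(find_sweepers(SAMPLE_FLOWS).items()):
        print(f"{src}\t{kind}\t{run} sequential destinations")
```

Hosts that only ping a few scattered addresses, such as 10.1.20.12 in the constructed sample, fall below the threshold and are not reported.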