2 Replies Latest reply on Oct 16, 2018 4:21 PM by gilbert.aispuro

    Port Scan Bricks Router

    gilbert.aispuro New Member

      We currently have a security company that is testing our infrastructure using Nessus. Every time they run a test on our routers (Total Access 930 and NetVanta 5560), the routers hit 100% CPU utilization and brick, and our internet goes out. I even tried to console into the router when it's unresponsive and I get nothing but garbage text spewing out. I've tried two different serial cables, tried every possible setting in the terminal and still nothing. After I kill power to the appliance and it reboots, everything is restored and we have internet connectivity again.

       

      Any reason this would happen? Is there anything I can do on my end to prevent this from happening? Any commands? Rate-limiting?

        • Re: Port Scan Bricks Router
          brian_ctl New Member

          It may have to do with too many FFE sessions or firewall sessions. You can create some ACLs to limit packets to the Adtran interface IPs from trusted sources like your management IP subnet. If you are maxing out your FFE, they can be increased as well as the firewall sessions. If you are running the newer code you can see your FFE peaks.

            • Re: Port Scan Bricks Router
              gilbert.aispuro New Member

              Found the issue. So I decided to debug when they were pen testing and I noticed that the pen-laptop ended up peering with my CenturyLink BGP connection, essentially kicking the router peering off and removing all my routes. I believe the next step would be to add a password on our peering. Haha.

               

              Wow, what a test.
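
Following up on the plan in the last post to add a password to the BGP peering, this added example (not part of the original thread) audits a router configuration for BGP neighbors that have no password set. The sample config is constructed and assumes Cisco IOS-style `neighbor ... password` lines; AOS syntax may differ, and the function names are hypothetical.

```python
import re

# Constructed sample config. IOS-style syntax is an assumption; adapt the
# patterns to the syntax your platform's "show running-config" prints.
SAMPLE_CONFIG = """\
router bgp 64512
 neighbor 192.0.2.1 remote-as 64496
 neighbor 192.0.2.1 description upstream-isp
 neighbor 198.51.100.7 remote-as 64497
 neighbor 198.51.100.7 password EXAMPLE-SECRET
!
interface eth 0/1
 ip address 192.0.2.2 255.255.255.252
"""

# Matches indented lines of the form: neighbor <peer> <keyword> [value...]
NEIGHBOR_RE = re.compile(r"^\s+neighbor\s+(\S+)\s+(\S+)(?:\s+(.*))?$")


def audit_bgp_neighbors(config_text):
    """Map each BGP neighbor to its remote AS and whether a password is set."""
    neighbors = {}
    in_bgp = False
    for line in config_text.splitlines():
        # Any unindented line (including "!" or a blank line) starts a new section.
        if not line[:1].isspace():
            in_bgp = line.startswith("router bgp ")
            continue
        match = NEIGHBOR_RE.match(line)
        if not (in_bgp and match):
            continue
        peer, keyword, value = match.groups()
        entry = neighbors.setdefault(peer, {"remote_as": None, "password": False})
        if keyword == "remote-as":
            entry["remote_as"] = value
        elif keyword == "password":
            entry["password"] = True
    return neighbors


def unauthenticated_peers(config_text):
    """Return the sorted list of neighbors with no password configured."""
    audit = audit_bgp_neighbors(config_text)
    return sorted(peer for peer, e in audit.items() if not e["password"])


if __name__ == "__main__":
    for peer in unauthenticated_peers(SAMPLE_CONFIG):
        print(f"BGP neighbor {peer} has no password configured")
```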