Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Hugo_vd_Kooij
Advisor

Weird issue due to pentest

I am investigating an issue with a side effect of the pentest on a firewall.

The implied rules allow HTTPS to the gateway. The pentester has used it to run some test (yet unspecified) against the gateway.

The customer complaind it had a heavy impact on their business. But looking at it afterthe fact I could not find anything odd in $FWDIR/log/*elg* nor $CPDIR/log/*elg* files. Neither was cpview -t showing anything out of the ordinary. Just a slight increase of the load on the FW worker CPU's.

So far the only thing that I found interesting is that with 8 cores I only have 4 FW workers. Where the 4 SDN cores are almost 99% idle. 

Anyone any other suggestion to investigate over 24 hours after the fact?

<< We make miracles happen while you wait. The impossible jobs take just a wee bit longer. >>
0 Kudos
1 Reply
PhoneBoy
Admin
Admin

Did you check /var/log/messages or anything like that?
Maybe there was significant load on the Apache running the Gaia WebUI and/or multiportal.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events