I ran into a situation today where we had a machine that was trying to FTP through the firewall. We allow FTP outbound. The problem that came up was that the user had no idea that an FTP client was setup on his machine. The FTP client (spyware) kept trying to connect to a server (ispynow.com) using the incorrect user name and password. For every attempt an xlate entry was created. It created about 7000 entries in a matter of minutes. The firewall was paralyzed. I had to console in and look at the xlate table. Even through the console I had a hard time viewing the table. Is there any way to prevent this from happening again?This is the second time this year an incident of this nature with the xlate table has occurred. How can I monitor the xlate table for strange behavior?
Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65095&t=65095 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
