Re: Weird network problems

["Geo." <georger () getinfo net>]

> > Is anyone out there tracking down some weird network behavior yesterday
> > and today? I'm not talking about ping traffic from the worm or anything
> > like that, I'm seeing TNT MAX boxes go unpingable, arp broadcast storms,
> > one way traffic blocks on T1's between cisco routers, stuff that I have
> > not been able to explain yet.
>
> I'm seeing the exact same issues with the TNTs and am in the process of
> trying to track down exactly what is causing it. So far no pattern has
> emerged.

go here http://www.cisco.com/warp/public/707/cisco-sn-20030820-nachi.shtml

Implement the 92byte ping filter on all interfaces that are allowing the
worm's pings thru, solved our problem perfectly. The problem is when the
worm pings IP addresses that have nothing on them it creates the arp
request, as the number of those requests build some devices can't handle it
and it's crashing them. The TNT is one of the more braindead of those
devices. I'd be interested in knowing what other devices are also failing
from this.

Geo.