Ticket Number: HEA-NOC/20080806-7 Ticket Status: UPDATE
Ticket Type: unscheduled Resolver:
Ticket Opened: 20080806 12:37 UTC+1 Problem Start: 20080806 12:30 UTC+1
Ticket Update: 20080807 14:07 UTC+1 Problem End:
The 2 hotstandby devices are experiencing high CPU load and have become
Loss of hot standby service.
20080806 12:35 JB - Hot standby routers become unresponsibe. NOC start to
investigate the problem.
20080806 17:43 DL hot standby routers target of attack exploiting DNS
service. No conclusions at this time.
20080807 10:08 DL Hot Standby still fluctuating in providing service.
- A number of addresses identified as possible source of attack and at the
moment verifying with responsible entity.
- Suspected source of problem is the exploit of vulnerability
- Ticket opened with support, awaiting updates.
20080807 11:40 DL
Support, pending detailed analysis does suspect Hot Standby service to be
target of attack exploiting the vulnerability previously mentioned.
Support working on the case.
Currently working towards migrating Hot Standby service hardware platform
to a non vulnerable one.
20080807 14:05 DL A hardware replacement, not vulnerable to the exploit
mentioned as per manufacturer specifications, is being shipped to the
corresponding datacenter. Replacement expected to happen within 3 hours.
Time to Fix:
Not known at the moment
This ticket can be monitored at http://www.hea.net/tickets/20080806-7
HEAnet Limited. Registered in Ireland, No. 275301.