Has anyone had any instance(s) of a telnet connection saturating the iSeries (somewhat like a DOS attack). Last week I was contacted in the middle of the night due to users unable to open any sessions. I attempted to get a session from home but was unsuccessful. I came to the office and found (via work with TCP CNN status) that I had hundred's of connections at Close-wait from a PC at one of our sites in another state. I tried ending the connections but ending 100 would just open 500 more. Called IBM support and they recommended disconnecting this PC from the network. The person assigned to this PC was not at work and this PC was in a locked office. It was disconnected and all went back to normal. We checked the PC for any Malware, virus, new software, etc. and were found none. We reconnected the PC to the network and all worked normally - Established connection. IBM said this could have been caused from a port tester but network research showed none. Thank you in advance for any suggestions/recommendations you may be able to provide.
April 21, 2010 1:27 PM
April 23, 2010 1:43 AM