Red Alert - False Alarm
damn... yesterday when my shift time... we got a suddenly very high traffic... dropped and accepted TCP Connection from difference Firewall Device from our Client and it makes me and my partner escalating this events to High Alert. we do the analysis about 5 hours and still for the accepted TCP traffic is we are not sure yet.. so we go for the RFC (Request For Clarification).
and after i finish the SA (Security Announcement), we move to the analysis of RFC stuff... but after 2 hours of sending the SA, client call back to verify the things that related to Accepted TCP Connection.. because the IP Address we give to them was a big server farm (their primary servers at the Data Center). we trying to dig all day and at last we go to clarification things that the Accepted TCP Connection is truly a False Alarm.
damn... after several hours of analysis things... we still make a false alarm. i think we better trying to separate the emotions and analytical stuff.
bad day.... bad day....
*playing Daniel Powter's Song - "Bad Day".
and after i finish the SA (Security Announcement), we move to the analysis of RFC stuff... but after 2 hours of sending the SA, client call back to verify the things that related to Accepted TCP Connection.. because the IP Address we give to them was a big server farm (their primary servers at the Data Center). we trying to dig all day and at last we go to clarification things that the Accepted TCP Connection is truly a False Alarm.
damn... after several hours of analysis things... we still make a false alarm. i think we better trying to separate the emotions and analytical stuff.
bad day.... bad day....
*playing Daniel Powter's Song - "Bad Day".
posted by anomalies at 9:22 AM
0 Comments:
Post a Comment
<< Home