AnsweredAssumed Answered

Session Not Dropped After Scan Finishes - Denial of Service - Help!

Question asked by John Fleck on Oct 21, 2014
Latest reply on Jun 6, 2015 by Ryan Lewkowski

I have an unusual problem.  I ran a non-credentialed scan on two Windows Servers, both running Qlogic HBA software, on Oct 7, 2014.  The sunrpc service for Qlogic listens on port 111.  A NetStat indicated that this sunrpc service had 104 ESTABLISHED connections to our two Qualys appliances causing a serious performance issue.  When the servers were rebooted the connections were cleared and performance was restored to normal.  I do not think it was a Qualys problem but an issue with the servers.  Has anyone seen anything like this?  Is there a recent document of known Qualys issues that I can refer to?  I am getting all kinds of heat from this from upper mgmt. and need to respond asap.  Any help or direction is appreciated.  If needed I can supply more details.

Thanks in advance for your assistance.


John Fleck