Bad Ip header Recieved and Dos Attack alert Css11503

Hi,
I'm currently experiencing problems with my redundant CSS's I have logging setup to e-mail errors. Intermittently I receive the following messages;
JAN 16 10:22:08 1/1 1392227 IPV4-4: Ipv4MasterForwIphdrChk: Dest = 224.0.0.18,
Src = 192.168.99.2, DosAttack ILLEGAL SOURCE
JAN 16 10:22:08 1/1 1392228 VRRP-4: VrrpMain: bad IP header received, Bman free'd
From Previous post I noticed that there was a bug similar to this but I am currently using a version of software that is suppose to resolve this problem.
Web-CSS01# sh ver
Version: sg0720104 (7.20 Build 104)
Flash (Locked): 7.10 Build 3
Flash (Operational): 7.20 Build 104
Type: PRIMARY
Licensed Cmd Set(s): Standard Feature Set
Enhanced Feature Set
Secure Management
I would be very greatful form any help on this.

The bug you mentioned is realted to multicast traffic that the CSS does not understand.
In this case, this is traffic generated by a CSS.
This is VRRP, the protocol use for CSS redundancy.
I believe you opened a case for this and the suggestion (which is correct) is to have preempt only on one CSS not on both.
You could also experience this, if one side is not configured for redundancy.
So, check your config and make sure you apply the recommendations.
Regards,
Gilles.

Similar Messages

  • Drop outs and - [DoS attack: ACK Scan RST Scan, Teardrop attack....]

    Hi all Dropped a little excerpt of my router status log below.Basically the internet keeps dropping out, making streaming a pain in the a##....If anyone could offer advice, suggestions etc, Itd be greatly appreciated.  Our internet was flawless for three days at our new address, no drop outs stable, fair speed. however the last two days all of a sudden we are getting continual drop outs...?? I have done the usual basics, >Checked lines, Replaced and tested Cables, replaced with new filter and tested without filters.>Tested using three different modems (known working), Netcomm, Netgear, Telstra technicolour... All perform the exact same.>Updated modem firmwares, and powercycled all modems.>Factory reset each modem, >We dont have a static ip, so each time it drops there is a new ip, However after a while the DOS rubbish happens again and the internet drops out.)> Tested using PPPOA and PPPOE, might be luck, but pppoe seems better?>Tested using different line noise profiles. No change.Recently I also changed all the Wifi Security options so that only one pc is on the network, in case one pc is causing the drama?? >Now using a netgear DGND3700v2 (like it best lol)
      Connection stats:ADSL LinkDownstreamUpstreamLink Rate5442 Kbps923 KbpsLine Attenuation47.0 dB28.0 dBNoise Margin6.4 dB6.7 dB    Todays Status log:<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>[admin login] from source 192.168.0.3 Wednesday, July 15,2015 02:43:09
    [DoS attack: ACK Scan] from source: 216.189.219.70:17005 Wednesday, July 15,2015 02:41:30
    [DoS attack: ACK Scan] from source: 27.252.96.71:62655 Wednesday, July 15,2015 02:39:23
    [DoS attack: ACK Scan] from source: 122.52.119.31:17560 Wednesday, July 15,2015 02:37:55
    [DoS attack: RST Scan] from source: 179.184.140.115:16884 Wednesday, July 15,2015 02:30:12
    [DoS attack: ACK Scan] from source: 17.132.254.11:5223 Wednesday, July 15,2015 02:29:46
    [DoS attack: ACK Scan] from source: 17.132.254.17:5223 Wednesday, July 15,2015 02:29:11
    [DoS attack: ACK Scan] from source: 17.132.254.17:5223 Wednesday, July 15,2015 02:28:48
    [DoS attack: ACK Scan] from source: 17.132.254.17:5223 Wednesday, July 15,2015 02:28:27
    [DoS attack: ACK Scan] from source: 104.16.21.35:443 Wednesday, July 15,2015 02:23:35
    [DoS attack: ACK Scan] from source: 104.16.21.35:443 Wednesday, July 15,2015 02:23:04
    [DoS attack: RST Scan] from source: 27.111.254.110:5223 Wednesday, July 15,2015 02:22:00
    [DHCP IP: (192.168.0.2)] to MAC address F0:25:B7:18:BF:90 Wednesday, July 15,2015 02:21:24
    [DoS attack: ACK Scan] from source: 60.240.152.126:443 Wednesday, July 15,2015 02:18:07
    [DoS attack: ACK Scan] from source: 27.111.254.110:5223 Wednesday, July 15,2015 02:16:46
    [DoS attack: ACK Scan] from source: 27.111.254.110:5223 Wednesday, July 15,2015 02:14:46
    [DHCP IP: (192.168.0.3)] to MAC address DC:85E:02:CE:18 Wednesday, July 15,2015 02:14:25
    [DoS attack: ACK Scan] from source: 207.46.11.151:443 Wednesday, July 15,2015 02:13:56
    [DoS attack: ACK Scan] from source: 173.252.102.16:443 Wednesday, July 15,2015 02:13:33
    [DoS attack: ACK Scan] from source: 27.111.254.110:5223 Wednesday, July 15,2015 02:12:46
    [Time synchronized with NTP server time-g.netgear.com] Wednesday, July 15,2015 02:12:46
    [DoS attack: ACK Scan] from source: 27.111.254.110:5223 Wednesday, July 15,2015 02:11:45
    [DoS attack: ACK Scan] from source: 27.111.254.110:5223 Wednesday, July 15,2015 02:11:15
    [DoS attack: ACK Scan] from source: 27.111.254.110:5223 Wednesday, July 15,2015 02:10:45
    [Internet connected] IP address: 123.211.78.198 Wednesday, July 15,2015 02:10:12
    [DSL: Up] Wednesday, July 15,2015 02:10:07
    [admin login] from source 192.168.0.3 Wednesday, July 15,2015 02:09:49
    [UPnP set event:AddPortMapping] from source 192.168.0.3 Wednesday, July 15,2015 02:09:27
    [UPnP set eventeletePortMapping] from source 192.168.0.3 Wednesday, July 15,2015 02:09:27
    [UPnP set event:AddPortMapping] from source 192.168.0.3 Wednesday, July 15,2015 02:09:27
    [UPnP set eventeletePortMapping] from source 192.168.0.3 Wednesday, July 15,2015 02:09:27
    [UPnP set event:AddPortMapping] from source 192.168.0.3 Wednesday, July 15,2015 02:09:22
    [UPnP set event:AddPortMapping] from source 192.168.0.3 Wednesday, July 15,2015 02:09:22
    [UPnP set event:AddPortMapping] from source 192.168.0.3 Wednesday, July 15,2015 02:09:22
    [UPnP set event:AddPortMapping] from source 192.168.0.3 Wednesday, July 15,2015 02:09:22
    [DHCP IP: (192.168.0.3)] to MAC address DC:85E:02:CE:18 Wednesday, July 15,2015 02:09:22
    [DHCP IP: (192.168.0.2)] to MAC address F0:25:B7:18:BF:90 Wednesday, July 15,2015 02:09:14
    [Initialized, firmware version: V1.1.00.23_1.00.23 ] Wednesday,   YESTERDAYS: I removed the ADSL password from the modem last night so that it wouldnt connect? If that makes any diference>>>>>>>>>>>>>>Status Log<<<<<<<<<<<<<<<< [UPnP set eventeletePortMapping] from source 192.168.0.4 Tuesday, July 14,2015 12:53:36
    [DoS attack: ACK Scan] from source: 181.208.125.20:51345 Tuesday, July 14,2015 12:39:23
    [DoS attack: Teardrop Attack] from source: 173.169.23.13:56601 Tuesday, July 14,2015 12:39:08
    [DoS attack: Teardrop Attack] from source: 173.169.23.13:56601 Tuesday, July 14,2015 12:39:08
    [DoS attack: Teardrop Attack] from source: 77.163.26.201:59976 Tuesday, July 14,2015 12:35:41
    [DoS attack: Teardrop Attack] from source: 77.163.26.201:59976 Tuesday, July 14,2015 12:35:41
    [DoS attack: Teardrop Attack] from source: 77.163.26.201:59976 Tuesday, July 14,2015 12:35:19
    [DoS attack: Teardrop Attack] from source: 77.163.26.201:59976 Tuesday, July 14,2015 12:35:19
    [DoS attack: Teardrop Attack] from source: 77.163.26.201:59976 Tuesday, July 14,2015 12:35:17
    [DoS attack: ACK Scan] from source: 178.167.254.109:55704 Tuesday, July 14,2015 12:35:16
    [DoS attack: ACK Scan] from source: 197.89.134.91:54291 Tuesday, July 14,2015 12:33:14
    [DHCP IP: (192.168.0.4)] to MAC address DC:85E:02:CE:18 Tuesday, July 14,2015 12:26:04
    [DoS attack: Teardrop Attack] from source: 23.119.204.188:48371 Tuesday, July 14,2015 12:21:34
    [DoS attack: Teardrop Attack] from source: 23.119.204.188:48371 Tuesday, July 14,2015 12:19:40
    [DoS attack: Teardrop Attack] from source: 23.119.204.188:48371 Tuesday, July 14,2015 12:19:40
    [DoS attack: Teardrop Attack] from source: 23.119.204.188:48371 Tuesday, July 14,2015 12:19:39
    [DoS attack: Teardrop Attack] from source: 23.119.204.188:48371 Tuesday, July 14,2015 12:19:39
    [DoS attack: Teardrop Attack] from source: 23.119.204.188:48371 Tuesday, July 14,2015 12:19:39
    [DoS attack: Teardrop Attack] from source: 23.119.204.188:48371 Tuesday, July 14,2015 12:19:38
    [DoS attack: RST Scan] from source: 174.16.237.129:51413 Tuesday, July 14,2015 12:16:09
    [UPnP set event:AddPortMapping] from source 192.168.0.4 Tuesday, July 14,2015 12:13:30
    [UPnP set event:AddPortMapping] from source 192.168.0.4 Tuesday, July 14,2015 12:13:30
    [DHCP IP: (192.168.0.4)] to MAC address DC:85E:02:CE:18 Tuesday, July 14,2015 12:13:24
    [DoS attack: ACK Scan] from source: 106.10.198.32:443 Tuesday, July 14,2015 12:11:54
    [DoS attack: ACK Scan] from source: 23.53.154.185:443 Tuesday, July 14,2015 12:10:51
    [DoS attack: ACK Scan] from source: 23.53.154.185:443 Tuesday, July 14,2015 12:10:20
    [DHCP IP: (192.168.0.3)] to MAC address 48:5A:3F:62:F2:E9 Tuesday, July 14,2015 12:09:38
    [DHCP IP: (192.168.0.2)] to MAC address F0:25:B7:18:BF:90 Tuesday, July 14,2015 11:54:14
    [DoS attack: ACK Scan] from source: 94.23.38.22:25565 Tuesday, July 14,2015 11:52:04
    [DoS attack: RST Scan] from source: 54.192.133.206:443 Tuesday, July 14,2015 11:50:57
    [DoS attack: ACK Scan] from source: 167.114.0.26:51127 Tuesday, July 14,2015 11:44:05
    [DoS attack: RST Scan] from source: 54.192.132.41:443 Tuesday, July 14,2015 11:39:42
    [DoS attack: RST Scan] from source: 179.60.193.52:443 Tuesday, July 14,2015 11:36:55
    [DoS attack: RST Scan] from source: 54.192.134.28:443 Tuesday, July 14,2015 11:36:27
    [DHCP IP: (192.168.0.2)] to MAC address F0:25:B7:18:BF:90 Tuesday, July 14,2015 11:29:31
    [DoS attack: ACK Scan] from source: 178.32.34.50:80 Tuesday, July 14,2015 09:04:57
    [DoS attack: ACK Scan] from source: 52.68.183.36:5223 Tuesday, July 14,2015 08:53:04
    [DoS attack: ACK Scan] from source: 52.68.183.36:5223 Tuesday, July 14,2015 08:52:25
    [DoS attack: ACK Scan] from source: 17.132.254.15:5223 Tuesday, July 14,2015 08:38:45
    [DoS attack: ACK Scan] from source: 17.132.254.15:5223 Tuesday, July 14,2015 08:38:10
    [DoS attack: ACK Scan] from source: 17.132.254.15:5223 Tuesday, July 14,2015 08:37:37
    [DoS attack: ACK Scan] from source: 167.114.0.26:51227 Tuesday, July 14,2015 08:22:34
    [DoS attack: ACK Scan] from source: 179.60.193.2:443 Tuesday, July 14,2015 08:11:56
    [DoS attack: ACK Scan] from source: 179.60.193.2:443 Tuesday, July 14,2015 08:11:33
    [DoS attack: ACK Scan] from source: 179.60.193.2:443 Tuesday, July 14,2015 08:04:20
    [DoS attack: ACK Scan] from source: 179.60.193.2:443 Tuesday, July 14,2015 08:02:20
    [DoS attack: ACK Scan] from source: 179.60.193.2:443 Tuesday, July 14,2015 08:00:19
    [DoS attack: ACK Scan] from source: 179.60.193.2:443 Tuesday, July 14,2015 07:58:19
    [DoS attack: ACK Scan] from source: 202.108.23.105:5287 Tuesday, July 14,2015 07:56:03
    [DoS attack: ACK Scan] from source: 66.135.213.210:443 Tuesday, July 14,2015 07:54:45
    [DoS attack: ACK Scan] from source: 179.60.193.2:443 Tuesday, July 14,2015 07:54:21
    [Time synchronized with NTP server time-g.netgear.com] Tuesday, July 14,2015 07:54:03
    [DoS attack: ACK Scan] from source: 66.135.211.97:443 Tuesday, July 14,2015 07:54:00
    [Internet connected] IP address: 121.222.126.130 Tuesday, July 14,2015 07:53:32
    [DSL: Up] Tuesday, July 14,2015 07:53:27    

    We have had same issues over last 3 days and now. We are in Tamborine Village QLD.

  • (PC and Surface 8.1)bad pool header error: remote debugging using ARM device

    Tools used:
    Microsoft Visual Studio Professional 2013
    Remote Debugger Monitor (Surface RT 8.1)
    I have successfully activated the developer license as administrator.
    I have attempted to run the test app on remote device but my pc crashes before or when reaching certification.
    So far, I have attempted to run an app software for the ARM device; however, ever since I have upgraded the surface to 8.1, I constantly get the bad pool header crash, even after successfully connecting the pc to rt device.
    is there any way I can resolve the issue so I can successfully to remote debugging?
    any help is appreciated.

    Hi,
    Considering that the issue should be related to Windows RT 8.1, and  Since we have limited testing environment, I suggest you submit a new case on Windows RT forum as they will be more professional on your issue:
    This is the Windows RT 8.1 forum link.
    http://answers.microsoft.com/en-us/windows/forum/windowsrt8_1?sort=lastreplydate&dir=desc&tab=Threads&status=&mod=&modAge=&advFil=&postedAfter=&postedBefore=&threadType=All&tm=1392101458999
    The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us.  Thank you for your understanding.
    Regards,
    Kelvin hsu
    TechNet Community Support

  • RESTORE - Kernel   Bad page - header and trailer not matching

    Hello,
    I have a Problem with the recover of my backup.
    When i want to make a restore of the Database this error is shown in Logfile KNLDIAGERR
    2008-11-26 21:20:38                               --- Starting GMT 2008-11-26 20:20:38           7.5.0    Build 032-123-111-699
    2008-11-26 21:26:57      0xE0C ERR 20005 Kernel   Bad page - header and trailer not matching
    2008-11-26 21:26:57      0xE0C ERR 20006 Kernel   Header [ 5277032 - data - tab - checksumData - empty ]
    2008-11-26 21:26:57      0xE0C ERR 20007 Kernel   Trailer[ 0 - data - nil - chckNil - empty ]
    2008-11-26 21:26:57      0xE0C ERR 52015 RESTORE  write/check count mismatch 5277032
    2008-11-26 21:26:57      0xDFC ERR 52012 RESTORE  error occured, basis_err 300
    2008-11-26 21:26:57      0xDFC ERR 51080 SYSERROR -9026 BD Bad datapage
    any Help ?
    thanks a lot
    Steven

    Hi Steven,
    the database kernel checks with every read the header trailer. If it got a mismatch during read the error message you got is logged.
    The same checkes will be executed when you create a backup. You told us that the backup could be executed without any errors and that the system where you created the backup is ok as well -> you executed a Check data?
    Now everything looks like the error is in the backup and happened during writies to the external backup medium. Or the backup is ok and then the error happens during read from the external medium.
    To get closer to the reason where the problem is located I need to have some more information.
    1. You did the restore several times?
    2. Did the bad Data Page shappens always on the same page -> Check knldiag.err
    3. Did you do your backup on tape?
    4. Did you try to create a backup into a file?
    5. Does the restore from file got the error as well?
    Regards, Christiane Hienger

  • How to report possible Port scanning and DOS/Fraggle Attack??

    I have been experiencing lag while surfing the internet. One temporary solution was to get a new IP from VZ but this fix was short lived. So I became curios and dtarted to log connection attempts to my router and noticed what I saw resembled port scans and even a Fraggle/DOS attack at times. I am posting my routers log below and would like to kno how to go about reporting this abuse and what I see as malicious activity?
    Mar 29 00:34:16.843: %SEC-6-IPACCESSLOGP: list 115 denied tcp 112.216.99.210(60289) -> .(443), 1 packet
    Mar 29 02:09:24.956: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.68.67(44315) -> .(80), 1 packet
    Mar 29 02:14:54.973: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.68.67(44315) -> .(80), 4 packets
    Mar 29 04:46:18.559: %SEC-6-IPACCESSLOGP: list 115 denied tcp 123.125.67.205(60157) -> .(80), 1 packet
    Mar 29 04:51:54.975: %SEC-6-IPACCESSLOGP: list 115 denied tcp 123.125.67.205(60157) -> .(80), 1 packet
    Mar 29 08:37:38.717: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.68.67(49683) -> .(80), 1 packet
    Mar 29 08:42:54.971: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.68.67(49683) -> .(80), 4 packets
    Mar 29 11:58:37.525: %SEC-6-IPACCESSLOGP: list 115 denied tcp 69.162.74.105(4529) -> .(80), 1 packet
    Mar 29 12:00:33.395: %SEC-6-IPACCESSLOGP: list 115 denied tcp 209.216.8.220(8615) -> .(443), 1 packet
    Mar 29 12:03:55.001: %SEC-6-IPACCESSLOGP: list 115 denied tcp 69.162.74.105(4529) -> .(80), 1 packet
    Mar 29 15:09:06.512: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.68.67(39516) -> (80), 1 packet
    Mar 29 15:14:54.971: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.68.67(39516) -> (80), 4 packets
    Mar 29 20:06:44.831: %SEC-6-IPACCESSLOGP: list 115 denied tcp 190.30.227.242(45712) -> .(80), 1 packet
    Mar 29 23:42:44.255: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(58914) -> .(80), 1 packet
    Mar 29 23:47:54.968: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(58914) -> .(80), 2 packets
    Mar 30 01:19:56.075: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(48356) -> .(80), 1 packet
    Mar 30 01:25:54.971: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(48356) -> .(80), 2 packets
    Mar 30 01:51:48.109: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(32276) -> .(80), 1 packet
    Mar 30 01:56:54.968: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(32276) -> .(80), 2 packets
    Mar 30 02:15:11.578: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(48235) -> .(80), 1 packet
    Mar 30 02:20:54.969: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(48235) -> .(80), 2 packets
    Mar 30 02:49:55.370: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(65092) -> .(80), 1 packet
    Mar 30 02:55:54.967: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(65092) -> .(80), 2 packets
    Mar 30 03:05:05.854: %SEC-6-IPACCESSLOGP: list 115 denied tcp 59.178.47.229(3152) -> .(23), 1 packet
    Mar 30 03:10:54.971: %SEC-6-IPACCESSLOGP: list 115 denied tcp 59.178.47.229(3152) -> .(23), 1 packet
    Mar 30 03:19:07.806: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(28767) -> .(80), 1 packet
    Mar 30 03:24:54.967: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(28767) -> .(80), 2 packets
    Mar 30 03:43:44.223: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(22501) -> (80), 1 packet
    Mar 30 03:48:54.968: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(22501) -> (80), 2 packets
    Mar 30 04:11:31.035: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(47011) -> .(80), 1 packet
    Mar 30 04:16:54.970: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(47011) -> .(80), 2 packets
    Mar 30 04:42:01.195: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(56753) -> .(80), 1 packet
    Mar 30 04:47:54.967: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(56753) -> .(80), 2 packets
    Mar 30 05:11:34.130: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(35301) -> .(80), 1 packet
    Mar 30 05:16:54.967: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(35301) -> .(80), 2 packets
    Mar 30 05:41:22.621: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(33024) -> .(80), 1 packet
    Mar 30 05:46:54.970: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(33024) -> .(80), 2 packets
    Mar 30 06:08:02.091: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(54807) -> .(80), 1 packet
    Mar 30 06:13:54.970: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(54807) -> .(80), 2 packets
    Mar 30 06:34:59.547: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(29217) -> .(80), 1 packet
    Mar 30 06:40:54.969: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(29217) -> .(80), 2 packets
    Mar 30 07:03:04.100: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(54153) -> .(80), 1 packet
    Mar 30 07:08:54.967: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(54153) -> .(80), 2 packets
    Mar 30 07:31:13.494: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(17308) -> .(80), 1 packet
    Mar 30 07:36:54.969: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(17308) -> .(80), 2 packets
    Mar 30 08:02:27.161: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(48707) -> .(80), 1 packet
    Mar 30 08:07:54.966: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(48707) -> .(80), 2 packets
    Mar 30 08:33:47.283: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(28540) -> .(80), 1 packet
    Mar 30 20:04:23.585: %SEC-6-IPACCESSLOGP: list 115 denied tcp 115.89.213.165(22702) -> .4(22), 1 packet
    Mar 30 20:21:10.696: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(35592) -> .(80), 1 packet
    Mar 30 20:26:54.964: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(35592) -> .(80), 2 packets
    Mar 30 20:52:52.313: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(25460) -> .(80), 1 packet
    Mar 30 20:57:54.965: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(25460) -> .(80), 2 packets
    Mar 30 21:30:11.984: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(17145) -> .(80), 1 packet
    Mar 30 21:35:54.963: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(17145) -> .(80), 2 packets
    Mar 30 21:43:27.829: %IP_VFR-4-FRAG_TABLE_OVERFLOW: FastEthernet0/1: the fragment table has reached its maximum threshold 16
    Mar 30 21:43:27.889: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.200 -> . (0/0), 1 packet
    Mar 30 21:48:54.965: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.213 -> (0/0), 1 packet
    Mar 30 21:48:54.965: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.214 -> (0/0), 1 packet
    Mar 30 21:48:54.969: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.201 -> (0/0), 1 packet
    Mar 30 21:48:54.969: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.203 -> (0/0), 1 packet
    Mar 30 21:48:54.969: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.202 -> (0/0), 1 packet
    Mar 30 21:48:54.969: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.204 -> . (0/0), 1 packet
    Mar 30 21:48:54.973: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.205 -> (0/0), 1 packet
    Mar 30 21:48:54.973: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.206 -> (0/0), 1 packet
    Mar 30 21:48:54.973: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.210 -> . (0/0), 1 packet
    Mar 30 21:48:54.977: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.211 -> (0/0), 1 packet
    Mar 30 22:01:32.255: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(30967) -> .(80), 1 packet
    Mar 30 22:06:54.964: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(30967) -> .(80), 2 packets
    Mar 30 22:10:18.301: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(31796) -> .(80), 1 packet
    Mar 30 22:15:54.965: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(31796) -> .(80), 2 packets
    Mar 30 23:03:12.464: %SEC-6-IPACCESSLOGP: list 115 denied tcp 88.208.220.10(55906) -> .(21), 1 packet
    Mar 30 23:08:54.966: %SEC-6-IPACCESSLOGP: list 115 denied tcp 88.208.220.10(55906) -> .(21), 1 packet
    Mar 31 00:41:30.769: %SEC-6-IPACCESSLOGP: list 115 denied tcp 115.89.213.165(35443) -> .(22), 1 packet
    Mar 31 03:00:11.425: %SEC-6-IPACCESSLOGP: list 115 denied tcp 128.59.14.102(58521) -> .(80), 1 packet
    Mar 31 03:00:12.527: %SEC-6-IPACCESSLOGP: list 115 denied tcp 128.59.14.102(42339) -> .(23), 1 packet
    Mar 31 03:05:54.964: %SEC-6-IPACCESSLOGP: list 115 denied tcp 128.59.14.102(41726) -> .(23), 1 packet
    Mar 31 03:05:54.964: %SEC-6-IPACCESSLOGP: list 115 denied tcp 128.59.14.102(59178) -> .(80), 1 packet
    Mar 31 03:46:26.767: %SEC-6-IPACCESSLOGP: list 115 denied tcp 184.154.4.85(58071) -> .(80), 1 packet
    Mar 31 04:12:08.935: %SEC-6-IPACCESSLOGP: list 115 denied tcp 109.104.74.10(51151) -> .(22), 1 packet
    Mar 31 12:10:19.683: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.72.53(51886) -> .(80), 1 packet
    Mar 31 12:15:54.960: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.72.53(51886) -> .(80), 4 packets
    Mar 31 14:23:34.316: %SEC-6-IPACCESSLOGP: list 115 denied tcp 94.251.160.199(32941) -> .(443), 1 packet
    Mar 31 14:28:54.962: %SEC-6-IPACCESSLOGP: list 115 denied tcp 94.251.160.199(32941) -> .(443), 1 packet
    Mar 31 20:37:34.630: %SEC-6-IPACCESSLOGP: list 115 denied tcp 208.100.1.174(39803) -> .(21), 1 packet
    Mar 31 20:40:49.542: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.72.53(53348) -> .(80), 1 packet
    Mar 31 20:45:54.958: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.72.53(53348) -> .(80), 4 packets
    Mar 31 21:18:03.788: %IP_VFR-4-FRAG_TABLE_OVERFLOW: FastEthernet0/1: the fragment table has reached its maximum threshold 16
    Mar 31 21:18:03.832: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.200 -> (0/0), 1 packet
    Mar 31 21:23:54.960: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 130.81.137.230 -> (0/0), 2 packets
    Mar 31 21:23:54.960: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.202 -> (0/0), 1 packet
    Mar 31 21:23:54.964: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.201 -> (0/0), 1 packet
    Mar 31 21:23:54.964: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.204 -> . (0/0), 1 packet
    Mar 31 21:23:54.964: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.205 -> (0/0), 1 packet
    Mar 31 21:23:54.964: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.207 -> . (0/0), 1 packet
    Mar 31 21:23:54.968: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.208 -> . (0/0), 1 packet
    Mar 31 21:23:54.968: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.206 -> . (0/0), 1 packet
    Mar 31 21:23:54.968: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.210 -> . (0/0), 1 packet
    Mar 31 21:23:54.972: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.203 -> (0/0), 1 packet
    Mar 31 21:57:25.351: %SEC-6-IPACCESSLOGP: list 115 denied tcp 115.89.213.165(59472) -> .(22), 1 packet
    Mar 31 22:00:45.852: %SEC-6-IPACCESSLOGP: list 115 denied tcp 87.234.32.189(49412) -> .(25), 1 packet
    Mar 31 22:05:54.959: %SEC-6-IPACCESSLOGP: list 115 denied tcp 87.234.32.189(49412) -> .(25), 1 packet

    You're getting hit from IPs from everywhere, so there's no true person to ask in regards to this. Whoever had your IP last was probably up to no good, or it's possible for some reason your IP was targeted. Might also be possible that whoever had your IP last was running servers. My Dedicated server gets hit with this nonsense all the time. Sometimes it's an issue with someone trying to DoS one of the game servers I run on it. Causes lag for only a few seconds before the hardware firewall in front of the server kicks in and handles the rest. China I actually wound up blocking access to entirely for a month or two since I've hardly seen anything that wasn't a port scan or an SSH/FTP hacking attempt.
    A few of those IPs are owned by Google and Microsoft, which implies there was probably an HTTP server at one point running on the IP you're using now.
    ========
    The first to bring me 1Gbps Fiber for $30/m wins!

  • BSOD with both Kernal Security Check Error and Bad Pool Header.

    All -
    I have a HP DV7 laptop with Windows 8.1. It has BSOD with both Kernal Security Check Error and Bad Pool Header.
    Despite doing all the built in HP tests, there is nothing. Using an Anker HardDrive Dock results in the identical errors on another machine.
    Bottom line, even if I could see the DMP files (which I cannot); because the machine fails to boot, there are no files to be copied.
    I have tried various AIO and UEFI disks and USB, and the laptop NEVER accepts the PREINSTALL environment. Being unable to use the Anker has never happened. I seem completely locked out of the drive. Any suggestions? Thx.
    Bruce A Ades

    Hi Texas_Bruiser
    Some required details are needed for us to help you.
    Ensure that the BIOS/UEFI has been configured to allow boot from DVD/CD or USB.
    When you attempted to boot into PREINSTALL environment (PE) by using disks or USB, we need more details about error message or what happened?
    If your computer cannot even boot into Windows PE by using installation media, we suggest you check if memory and other hardware are works properly on this computer. Also try to plug this hard disk on other computer as data volume, see if the hard disk works.
    Regards
    D. Wu

  • Bad Pool Caller and Bad Pool Header issue

    Hi,I recently upgraded my system from Windows 8 to Windows 8.1. Since then it doesn,t start normally. Mainly give Blue screen with error Bad Pool caller, Bad pool header, Service Exception error, Driver corrupted expool. The system never hibernate or sleep. Please help. 

    Hi there
    Welcome to the HP Support Forums! It is a great place to find the help you need, both from other users, HP experts and other support personnel. I understand that after upgrading to Windows 8.1 you are experiencing various BSOD errors. I am happy to assist with this. Did this start immediately after the upgrade to Windows 8.1, or was it shortly after? Checking online for those messages, I found suggestions about conflicting drivers, multiple antivirus programs in use. Here are a few examples I found from the Microsoft support forums. Something within may be of use to you. driver expool corrupted windows 8 - answers.microsoft.comBAD_POOL_CALLER error in Windows 8.1 -  answers.microsoft.comsystem service exception error blue screen - answers.microsoft.com It may also be useful to open your own thread on the Microsoft Forums, as often the experts there are looking for dump files to look for specific causes. I hope this helps.

  • Protect against DOS attack on NIO Server

    I have a NIO server which recently underwent a DOS attack. The attack was very simply a packet flood in which a rogue engineered client sent a packet request to the system 80,000 times in about 5 seconds.
    The packet was successfully ignored in the application code (it just logged it). Logging usually take the IP address but in this case using getInetAddress() on the socket channel returned null every time.
    However, as far as future protection goes how could I modify the system to be able to withstand such attacks? Under normal operation the server would establish TCP socket connection with client on a public port. Then client sends login packet and if authorized client can send other request packets to get data and perform user actions (like chatting).
    In this attack user did not bother to attempt to login and instead just sent many of the same data request packets over and over, causing the system to use up the thread pool and block other legitimate clients from now connecting. I am not expert in security like this, so what is best practice for making code stand up?
    Some general questions I can think of:
    - would using SSL help?
    - some way to throttle client requests to a certain frequency or byte limit per second?
    - should have one port for login and another for data requests after login succeed?
    Thanks In Advance.

    You can't use SSL with non-blocking NIO unless you want tackle the complexities of the SSLEngine (or use my Scalable SSL product), and in any case I'm not sure it would really help - it would just move the DOS attack into the SSLEngine handling. Separate ports won' t help either as there is nothing to stop the attacker using either of them, or both.
    Maybe your best defence is to identify rogue packets as quickly as possible, and drop the entire connection if you get a bad packet (e.g. one where getInetAddress() returns null, although in fact I don't see how that is actually possible). You might proceed from there to logging rogue source addresses and dropping connections from them immediately.
    I would also investigate what can be done in the firewall configuration.

  • Error Bad Pool Header

    I have had
    frequent crashes (windows 8)
    with the message Bad Pool Header
    Looks like tel something to do with
    the network card, it only happens
    when I'm using wifi and I'm a bit
    far from the router, with a slightly
    weaker signal.
    Is it related?
    What do I do to solve?
    My laptop is a Dell Inspiron
    14z.
    Thank you.

    Not a problem! Luckily, in this case, it appears that a kernel-dump won't be necessary.
    We have a few bug checks:
    BAD_POOL_HEADER (19)
    This indicates that a pool header is corrupt.
    BugCheck 19, {d, ffffe0000f4fc32f, c2fbebf7646c9270, 6c2fbebf7646c8d}
    ^^
    2: kd> !pool ffffe0000f4fc32f
    Pool page ffffe0000f4fc32f region is Unknown
    ffffe0000f4fc000 size: e0 previous size: 0 (Allocated) klpt
    ffffe0000f4fc0e0 size: a0 previous size: e0 (Free) Free
    ffffe0000f4fc180 size: e0 previous size: a0 (Allocated) klpt
    *ffffe0000f4fc260 size: d0 previous size: e0 (Allocated) *KLsc
    Owning component : Unknown (update pooltag.txt)
    ffffe0000f4fc330 size: 50 previous size: d0 (Free ) KLWp
    ffffe0000f4fc380 size: 100 previous size: 50 (Allocated) KPXY
    ffffe0000f4fc480 size: a0 previous size: 100 (Allocated) dlib
    ffffe0000f4fc520 size: d0 previous size: a0 (Allocated) KLsc
    ffffe0000f4fc5f0 size: 90 previous size: d0 (Allocated) KLsm
    ffffe0000f4fc680 size: d0 previous size: 90 (Allocated) KLsh
    ffffe0000f4fc750 size: 250 previous size: d0 (Allocated) @GM2
    ffffe0000f4fc9a0 size: d0 previous size: 250 (Allocated) KLsc
    ffffe0000f4fca70 size: d0 previous size: d0 (Allocated) KLsh
    ffffe0000f4fcb40 size: 250 previous size: d0 (Allocated) klxm
    ffffe0000f4fcd90 size: 40 previous size: 250 (Allocated) klqi
    ffffe0000f4fcdd0 size: 90 previous size: 40 (Allocated) KLsm
    ffffe0000f4fce60 size: d0 previous size: 90 (Allocated) KLsh
    ffffe0000f4fcf30 size: d0 previous size: d0 (Allocated) KLsh
    ^^ The pool block we're looking at within the pool page belongs to LKsc (unknown). When the owning component is unknown and it alerts to update the pooltag, it's generally a 3rd party driver causing corruption.
    We can confirm this by checking the call stack:
    2: kd> k
    Child-SP RetAddr Call Site
    ffffd000`2256ea48 fffff803`83f18167 nt!KeBugCheckEx
    ffffd000`2256ea50 fffff803`83f17a03 nt!ExFreePoolWithTag+0xe97
    ffffd000`2256ead0 fffff800`023e9918 nt!ExFreePoolWithTag+0x733
    ffffd000`2256eba0 fffff803`83c86000 klwfp+0x7918
    ffffd000`2256eba8 ffffe000`00000000 nt!_guard_check_icall_fptr <PERF> (nt+0x0)
    ffffd000`2256ebb0 ffffd000`2256ebe8 0xffffe000`00000000
    ffffd000`2256ebb8 00000000`70574c4b 0xffffd000`2256ebe8
    ffffd000`2256ebc0 fffff800`01992d60 0x70574c4b
    ffffd000`2256ebc8 fffff800`019aaf51 klflt+0xed60
    ffffd000`2256ebd0 ffffe000`0048d2f0 klflt+0x26f51
    ffffd000`2256ebd8 ffffc000`1197b000 0xffffe000`0048d2f0
    ffffd000`2256ebe0 ffffe000`0e0282b0 0xffffc000`1197b000
    ffffd000`2256ebe8 ffffe000`0e09a2a0 0xffffe000`0e0282b0
    ffffd000`2256ebf0 00000000`00000000 0xffffe000`0e09a2a0
    ^^ The driver(s) which appeared to have attributed to the corruption are Kaspersky drivers, with
    klwfp.sys (the one that caused the pool corruption) specifically being the Network Filtering Component driver for Kaspersky.
    DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
    This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
    A driver tried to access an address that is pageable (or that is completely invalid) while the IRQL was too high. This bug check is usually caused by drivers that have used improper addresses.
    Unable to load image \SystemRoot\system32\DRIVERS\klwfp.sys, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for klwfp.sys
    *** ERROR: Module load completed but symbols could not be loaded for klwfp.sys
    Probably caused by : klwfp.sys ( klwfp+6ff1 )
    ^^ Once again, the Network Filtering Component driver for Kaspersky.
    Remove and replace Kaspersky with Windows 8's built-in Windows Defender for temporary troubleshooting purposes as it appears to be causing NETBIOS conflicts:
    Kaspersky removal - http://support.kaspersky.com/common/service.aspx?el=1464
    Windows Defender (how to turn on after removal) - http://www.eightforums.com/tutorials/21962-windows-defender-turn-off-windows-8-a.html
    Regards,
    Patrick

  • Getting logs for DOS Attack:Sync Attack on cisco CSS 11501 frequently.

    Hi ,
    Since couple of weeks , i am getting below DOS attack logs on cisco CSS.Can anyone help me out about how can we avoid this? and how to deal with it.
    04/23/2011 17:27:28:Enterprise:DOS Attack:SYN Attack -> 10 times
    04/23/2011 17:30:15:Enterprise:DOS Attack:SYN Attack -> 10 times
    04/24/2011 11:20:32:Enterprise:DOS Attack:SYN Attack -> 11 times
    04/24/2011 11:24:48:Enterprise:DOS Attack:SYN Attack -> 12 times
    04/24/2011 15:30:42:Enterprise:DOS Attack:SYN Attack -> 10 times
    Thanks
    Manish

    Hi Nicolas,
    Why i am asking about DOS attack as i am facing some issues for the 2 VIPs configured in cisco CSS 11501.
    Can you help me troubleshooting the issue?
    I have coming across some Load Balancing issues for the 2 VIPS configured on Cisco CSS11501.
    We  have cisco CSS 11501. We have 2 VIPs configured on it for FE and BE  servers.Now Client calls to FE VIP and LB forwarding it to server and  then FE server calls the BE VIP which goes through the same LB and  forward to BE server under the VIP.When we start load test, we have  observed after 2 hour test, application team getting HTTP timeout.As  this application is used by Call center so getting timeout is bad.
    Need to troubleshoot this issue if there is any problem from LB End.
    Please find the attached file for VIP configs.

  • SAP is running with corrupted DB6 Database with many "Bad Page Header" . .

    Hello Friends,
    One of our DB6 Database is showing multiple entries in db2diag.log file, while performing SAP Local client copy, SGEN, SAP System Copy, REORGCHK for All, RUNSTAT for single Table......
    RETCODE : ZRC=0x87020036=-2029912010=SQLB_BADHDR "Bad Page Header"
                       DIA8547C An error occurred in a database page header.
    System Information:
    SAP system : Solution Manager 70 , Support Stack 15
    Database : DB2 v9.1.700.855 , FP7
    Operating system: Windows Server 2003 Ent. x64 Edition
    Currently, All things are working fine with the current status of DB6 Database. SAP Solman system is starting and shutting down in  normal way whenever it is required. In DB6COCKPIT, not even single alert is there for inconsistent objects, and for other factors. Even, At present, I am  able to perform both compressed /uncompressed Online/Offline backup of the System Database.
    Previously, the system was maintained by other BASIS administrator. The problem came to know by me, when i  ran SGEN after successfully applying ST-A/PI add-on in system, as per as EarlyWatch report notification. The corruption might happened before 6 to 7 months ago, as i have seen the same messages in db2diag.log files, when the same problem was identified by me recently. And moreover, as per as our Backup cycle, all dedicated Backup Tapes are overwritten with existing status of SAP Solman Database within this 6 to 7 months long period, so I can not restore the consistent Database backup to correct the problem.
    The ABAP dumps which came as a result of SGEN and of some operations are as followed:
    DBIF_REPO_INTERNAL_ERROR
    DBIF_REPO_SQL_ERROR (SQL error "-1034" occurred when accessing program, SQL error "-99999" occurred when accessing program)
    GEN_BRANCHOFFSET_LIMIT_REACHED
    etc...etc...
    I tried to diagnosis the cause of this problem using DB2DART tool and done the  analysis of all tablespaces. Out of 37 Tablespaces, multiple  Tablespaces are found with error/corruptions.
    Due to the corruption in multiple Database Obejcts, I am not able to do SAP Local client copy, SGEN, SAP System Copy, REORGCHK for All, RUNSTAT for single Table... and other Database related operations.
    Is there any alternative to correct this corrupted database excep Backup/Restore database?
    I am looking for your cooperations to solve this unexpected critical Problem.
    Regards,
    Bhavik G. Shroff
    Edited by: Bhavik G. Shroff on Nov 12, 2009 11:31 AM

    Ashley,
    Fortunately the db2diag.log provides a lot of good debugging information. Here is an excerpt of the information that we captured for a (different) problem we were having:
    2009-03-26-17.22.23.655840000 I6020445A3130      LEVEL: Severe
    PID     : 1314904              TID  : 5913        PROC : db2sysc 0
    INSTANCE: db2bq2               NODE : 000
    EDUID   : 5913                 EDUNAME: db2pclnr (BQ2) 0
    0x0000000110692608 : 0000 0000 0000 0000 FFFF FFFF FFFF FFFF    ................
    0x0000000110692618 : 0000 0002 850F 000C                        ........
    DATA #3 : Buffer page descriptor, PD_TYPE_SQLB_BPD, 152 bytes
      Pagekey: PPNum:5409475
      objectPageNum:                    153219
      bucketGroupHashIndex:               1817
      hashnext:             0x0000000000000000
      hashprev:             0x0700000063240858
      osslatch:
    +
    Basically the information you are looking for is the PageKey which tells you that the problem happened in tablespace id 59, tableid 9 pagenumer 5409475. You can then use db2dart to dump that particular page and examine the contents (in our case it was zeroed out due a filesystem problem).
    db2dart <db> /DP /TSI 59 /PS 5409475 /NP 0
    There are various other dump options that you can use. I have found this to be very useful in diagnosing these kind of problems.
    - Sameer

  • Blue screens BSOD bad pool header

    Hello so for the past 2-4 weeks I have been getting all the possible blue screens I can get ...I am not rly a rookie in heardweare/softweare problems but cant say I am an expert..So my problem started when I tryed to instal assassins creed unity...All
    worked fine game worked fine...till a point when pc shut down so I thought its the cpu overheating booted up...started the game again and here was where the hell started I was getting blue screen over blue screen so I thought its maybe the windows since it
    was like 6-10months old...Installed several versions of windows from windows 7 home to enterprise all were giveing me  blue's so I barrowe a new one from a friend a windows 7 ultimate installed it but the blue screen was still  there not so offen...wierd
    thing is sometimes the pc wont bsod but insted cut pc power from my mouse and keyboard...not from my headset which is on usb also ...and also cut the signal from monitor...so I started testing tested the vram the gpu...test the ram (not to long only like 2-3h)
    tested the hdd and ssd both came with 2 erros on start from hdd regenerator 2011...hd sentinel says they are ok and have over 1000 days of used...even swap the PSU but still getting the blue screen this is the error I see with blue screen viwer ntoskrnl.exe+75bc0...and
    also one unknowed and today got a bad-pool-header error any solutions...help?the problem is it can give me to bsod one after the other and they hours or even 1 days nothing all works fine

     We do need the actual log files (called a DMP files) as they contain the only record of the sequence of events leading up to the crash, what drivers
    were loaded, and what was responsible.  
    Please follow our instructions for finding and uploading the files we need to help you fix your computer. They can be found here
    If you have any questions about the procedure please ask
    Wanikiya and Dyami--Team Zigzag

  • CS6 (64 bit) crashes 'Bad Pool Header'

    Hi All,
    I just installed Photoshop CS6 International English and the 13_0_1_1 update.
    Bridge standard and 64 bit both work. CS6 standard works. CS6 64 bit crashes with a blue screen 'Bad Pool Header'.
    I reinstalled CS6 and the update. No change.
    Windows and all drivers are up to date.
    I have been using Photoshop for many years - starting with v 6. I have been using CS5 64 bit on this system since it came out with no problems. CS5 64 bit is still working with CS6 installed.
    CS6 64 bit is the only program to have ever given me this error on any computer I have ever had.
    Custom built system:
    Asus motherboard M4A78-e
    AMD Phenom 9950 quad 2.61 GHz
    8 GB 1066 MHz Corsair ram
    Ati Radeon Sapphire Vapor-X HD4890 1GB memory
    Enermax Revolution 85+ power supply
    Zalman CPU 9950 fan
    Lian-Li PC60FN case
    Windows xp professional x64 service pack 2.
    Thank you for taking the time to read about my problem and thank you in advance for any suggestions.

    Dear Mylenium,
    I can see from your profile you have been very active on this forum for many years and have undoubtedly helped too many people to count. However, your certainty and negativity belies my experience, both with CS 5 64 bit and with CS 6 Bridge 64 bit, as you can see from my initial post.
    I took your suggestion and opened the Event Viewer. There were no logs to read. I looked in the properties of each of the log types in the events window and went to windows\system32\config\ just to be sure. Is there anything I can do to trigger creatitng an event log or should I look to finding the info in some other way or place?
    Thank you for taking the time to respond.
    Sasha

  • I have a carillon 25 keyboard (bad choice, I know) and I can't get it to communicate with my mac at all! I'm running logic pro 9 and reason 5. I get signal in from my M Audio trigger finger so I know it isnt an entirely mac based problem. Thanks!!!

    I have a carillon 25 keyboard (bad choice, I know) and I can't get it to communicate with my mac at all! I'm running logic pro 9 and reason 5. I get signal in from my M Audio trigger finger so I know it isnt an entirely mac based problem. Thanks!!!

    Well, how have to determined no signal is being recieved to your mac?
    Have you got something that shows the actual signal? Or have you just been trying to control a VST? What software are you using by the way?
    I personnally went with a AKAI MPK25, because it's made already mapped for logic & ableton etc, so it just makes things incredibly easy.
    I would suggest you return it if you can as a dead unit & perhaps look at something else a bit easier?
    Otherwise, if you just want to get this working we can have a look a bit deeper.
    And driver? OS X driver?

  • When I tap a photo in my iPhone photo gallery, the photo appears but there is always a "this movie format not supported" alert and then the alert goes away and the photo appears. These are photos I've taken with the iPhone and aren't even movies.

    It's very odd. I take photos with my iPhone and then later go to view the photos in the Photo Gallery on my iPhone. The photos to appear, but I keep getting "this movie format not supported" alerts, even though I am looking at photos taken by my iPhone. The alert appears briefly just after the photo appears and then the alert goes away and I can see the photo. They are just still photos and not movies. Why wouldn't the iPhone recognize the format of photos it is taking?

    That thread helped for a time.  But now it seems as though my computer is back to slow again.  But, some of the jargon is over my head as well.  Not sure I knew quoite everything they were talking about.  But thanks a lot for that, it helped I probably just need to reread it and follow the instructions again.  Thanks so much.

Maybe you are looking for

  • Report output directly to printer on web

    I am using Forms 6i & Reports 6i to build an application. I run report from forms 6i using Run_Report_Object (Output to printer). It works fine when using Client/Server. But When on the web the output of report to printer goes to the printer of the s

  • Try to export address book but the drop down for file type is blank. no options are offered. Version 24.5.

    An unusual problem happened when I upgraded from earlier version of thunderbird - which was working fine - version 9. I decided to update. So update to latest version. Once I did this something happened: 1. When I go to address book, I select address

  • Add a Signature Field to Export to PDF

    Post Author: fornachari CA Forum: Exporting Hi everybody! I am using Visual Studio 2005 and the version of Crystal Reports that come  with Visual Studio 2005. Does anyone know how to include a signature field when creating PDF in crystal reports with

  • Mainconcept Mpeg Pro HD and Encore transcode problems with blu-ray

    I wanted to use premiere pro to edit my HDV files and import them into Encore to produce Blu-ray discs without transcoding. I have tried the Mainconcept Mpeg Pro HD plugin 3.1 as this should provide smart transconding of the edited file. I have been

  • Sun JPI support

    Hi, Any news/thoughts on the support of Sun JPI with MS IE? The SOD on OTN states this is targeted for "patch 2". Is this the forthcoming 10.1.2 release? When Sun JPI will be supported, which version of JPI would you expect to be required? 1.4.2 or 1