Hi,
We had several core dumps on our filers today. To be exact those were - 1 node a FAS980c - 1 node a FAS270c - R200 - F760 running 6.5.1.
All machines crashed within half an hour with the following message:
Panic string: PageFault (write invalid page) on address 0xc7d2e000 (errcode 0x2), eip = 0x713cb1 esp = c1afbd7c ebp = 0xc1afbd84 cs = 8 eflags = 10202 in process SMBRPCWor
As those filers are used in different windows domains from different clients I can't think of any normal client that could have caused the crash. Then some hours later I found an article from SANS about a new version of the PhatBot worm seems to include an LSASS exploit code. http://www.incidents.org/diary.php?date=2004-04-27&isc=932fe245375de59f9...
I don't like the idea, but could OnTAP be vulnerable to a windows exploit? Has anyone else seen this problem?
Carsten