Checkpoint UTM-1 edge VPN boxes worldwide did an unscheduled reboot

Published: 2010-11-01
Last Updated: 2010-11-02 12:48:57 UTC
by Manuel Humberto Santander Pelaez (Version: 1)
3 comment(s)

We have received reports that Checkpoint UTM-1 devices performed an unscheduled reboot. The initial reports we got indicate that the device rebooted at 10pm EDT on Oct. 30th, which happens to be midnight GMT.

There are several posts on Checkpoint support forums verifying this issue [1][2].

Checkpoint confirmed this problem [3] . According to Checkpoint, the reboot happened because of a timer that will roll over every 13.6 years.

This may be a 32 bit timer counting 1/10 seconds. 429 million seconds works out to just about 13.6 years.


[1] http://www.cpug.org/forums/check-point-utm-1-edge-appliances/14606-all-edge-firewalls-rebooted-10-30-2010-8-58-p-m.html
[2] http://jackofallit.wordpress.com/2010/10/30/checkpointsofaware-flashforward/
[3] http://isc.sans.edu/tag.html?tag=Checkpoint%20UTM1%20unscheduled%20reboot

 

-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org

3 comment(s)

Comments

Not to nitpick, but 10pm EDT = 2am GMT.
there used to be a link to checkpoint's forums, but it's been since replaced with a url that links to this article on sans...
there used to be a link to checkpoint's forums, but it's been since replaced with a url that links to this article on sans...

Diary Archives