Looks like someone is trying to do something *evil* at your network :-0
CPMAD stands for Check Point Malicious Activity Detection and does what it's
fancy title says but in not that fancy a way ;-). There
is a documented memory leak in CPMAD.exe as far as I know and unfortunately
there are only a few things you can do. First off, you
need at least 1GB - 2GB of RAM in order for the Server to breath. You'll also
need to edit the file cpmad_config.conf and change the
MAD_memory parameter to a value you'd like (I've got mine at 150000Kb). You
should then stop and start the firewall-1 service and
push the policy for the changes to take effect. You could also *disable* CPMAD
by editing the aforementioned file and changing the
parameter MAD_system_mode from *on* (apparently) to *off*, even though I do not
suggest you done so (even if CPMAD is trivial, at
least you can get some kind of events in your Log Viewer).
Hope these help.
Cheers,
Dimitris
-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:FW-1-MAILINGLIST AT
AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Lopez Zambrano,
David
Sent: Tuesday, June 29, 2004 10:46 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] Problem with cpmad.exe
Hi all,
i have a little problem with an exec called cpmad.exe... it grows to fill all
memory available, and at last, the system crash, if i
stop the fw-service the memory frees, of course...
The system is an 'old' FW1 4.1sp1 over NT, with 2 boxes, this exec grows only
on the primary node, the one who store the logs.
Also, since a month ago, when the schedule task to switch the log runs, always
got an error that tells me that the log can't be
switched, but it finally switchs the log, why 'fw logswitch' ends with that
error? if finally works ?
Greetings
David Lopez
anuntis.com
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
