We have been trying to pass an external PCI scan, and noticed some server lockups after starting a scan. We are scanning a couple hundred IP addresses, which all resolve to the same servers. The scans are actively looking for vulnerabilities on teh box, and one of which is flash remoting. When we look at the apache /server-status page, it shows a ton of long running flex2gateway processes. For instance:
| 22-4 | 4466 | 0/3817/3817 | W | 4.07 | 163840 | 0 | 0.0 | 57.76 | 57.76 | x.x.x.101 | WebNode2.ambassador.int | POST /flex2gateway/http HTTP/1.1 |
As you can see, this POST has been running for 163840 seconds, or nearly two days. Since it seems these POSTs never disconnect, they simply stack up until the server's max number of child processes has been reached, effectively killing our webserver.
When I try to restart coldfusion, these POST requests do not die off, but they gracefully die if I reload apache.
Any suggestions on where how to troubleshoot this issue?