You are penetration testing a client's DMZ servers. You run out of time at the client site and decide to continue from your home network. You have talked with your ISP and ensured that all ports are allowed out and they are aware of your penetration testing activities. You start a remote, high traffic vulnerability scan and it fails half way through the scan. Your scanning program allows you to start the scan again from where it stopped; it runs for a while then fails again at a different place in the scan. Immediately after the scan fails you notice you are unable to connect to any outside system from inside your IPtables firewall. You have previously tested your vulnerability scanner configuration and it worked fine. You investigate the connection issue and realize that the connection issue clears up after a couple minutes. What is the most likely problem?
1) The scan is failing when invalid protocol traffic is sent, being able to determine valid application layer protocol information is one of the great features of the IPtables firewall
2) The NAT or PAT tables on the IPtables firewall are full
3) The vulnerability scanner has rate limiting turned on
4) The client site is blocking connections NOT established from their network ID