Bugtraq mailing list archives
Re: DoS bug on Tru64
From: "bugtraq () t-swat com" <bugtraq () t-swat com>
Date: Mon, 04 Feb 2002 15:33:06 -0800
I've caused something similar in the past, and it was because NMAP quickly used up all available and allowable sockets, and the TCP tuning on the box (a) didn't allow all that many sockets and (b) didn't allow for rapid "clean-up" of finished sockets. As a result, the TCP-based heartbeat signal from one system to the other couldn't go through (silly admins didn't employ a serial backup heartbeat), and as a result it triggered an "I've fallen and can't get up" signal. Caused quite a mess. :)
At 11:40 AM 30/01/2002, Dennis Jenkins wrote:
:) I took down our production Tandem S series mainframe and a VAP (Visa Access Point?) box (it ran QNX) using nmap. After dealing with the very irate Tandem Ops guy (I don't blame him), we determined that the nmap probe triggered some kind of fail-over detection. I induced a hot fail over from one mainframe some kind of non-existant hot spare. Or something. Anyway, it was kind of funny. The mainframe might have been "Mission critical", but it certainly was not fault tolerant... :) "Jason Johns - SAS(IT)" wrote: > > Today we were using nmap to scan our network and when we scanned our > Tru64 machines, telnet and ftp froze and timed out. We could not make > any connections to those ports and existing connections froze. New > connections were denied for about a minute after the scan was finished. > I've checked with Compaq and on Securityfocus and neither place has any > knowledge of this. > > We are running Tru64 Unix 4.0D patch kit 3 on Alpha 4100's and 8400's. > The nmap command line that was used is: > nmap -T Polite -O -p 23,139 -oM /tmp/lst 'xxx.xxx.16-44.*' > > /Jason Johns -- djenkins () usb com Universal Savings Bank. Security Administrator, Unix Administrator, Alpha Geek The three most dangerous things are a programmer with a soldering iron, a manager who codes, and a user who gets ideas.
Current thread:
- RE: DoS bug on Tru64 Jethro Rose (Feb 04)
- nmap vs. inetd on Caldera (ex-SCO) OpenServer, Re: DoS bug on Tru64 Bela Lubkin (Feb 06)
- <Possible follow-ups>
- Re: DoS bug on Tru64 bugtraq () t-swat com (Feb 04)