Re: DoS bug on Tru64

[Dennis Jenkins <djenkins () usb com>]

:)  I took down our production Tandem S series mainframe and a VAP (Visa
Access Point?) box (it ran QNX) using nmap.  After dealing with the very
irate Tandem Ops guy (I don't blame him), we determined that the nmap
probe triggered some kind of fail-over detection.  I induced a hot fail
over from one mainframe some kind of non-existant hot spare.  Or
something.  Anyway, it was kind of funny.  The mainframe might have been
"Mission critical", but it certainly was not fault tolerant... :)

"Jason Johns - SAS(IT)" wrote:
> Today we were using nmap to scan our network and when we scanned our
> Tru64 machines, telnet and ftp froze and timed out. We could not make
> any connections to those ports and existing connections froze. New
> connections were denied for about a minute after the scan was finished.
> I've checked with Compaq and on Securityfocus and neither place has any
> knowledge of this.
>
> We are running Tru64 Unix 4.0D patch kit 3 on Alpha 4100's and 8400's.
> The nmap command line that was used is:
> nmap -T Polite -O -p 23,139 -oM /tmp/lst 'xxx.xxx.16-44.*'
>
> /Jason Johns

-- 
djenkins () usb com                           Universal Savings Bank.
Security Administrator, Unix Administrator, Alpha Geek

The three most dangerous things are a programmer with a soldering
iron, a manager who codes, and a user who gets ideas.