Bugtraq mailing list archives
Re: HACMP and port scans
From: Andreas Siegert <afxml () atsec com>
Date: Wed, 26 Sep 2001 10:14:40 +0200
Quoting Alex Polli (apolli () pucrs br) on Tue, Sep 25, 2001 at 01:36:12PM +0200:
Yes, I've faced this. In fact, the tcp connect() function, when applied to certain HACMP ports causes the system to shut down that node. However, if you make a SYN scan it won't happen. IBM has given us no workaround, so we deployed a firewall in front of the cluster machine, dropping packets to the HACMP ports.
Current AIX releases (AIX 4.3) have a packet filter that might help. cheers afx -- atsec information security GmbH Phone: +49-89-44249830 Steinstrasse 68 Fax: +49-89-44249831 D-81667 Muenchen, Germany WWW: www.atsec.com May the Source be with you!
Current thread:
- HACMP and port scans Eoin D. Fleming (Sep 24)
- Re: HACMP and port scans Alex Polli (Sep 25)
- Re: HACMP and port scans Andreas Siegert (Sep 26)
- Re: HACMP and port scans Andrew Leonard (Sep 25)
- Re: HACMP and port scans Jordan Klein (Sep 26)
- <Possible follow-ups>
- RE: HACMP and port scans Ali, Farrad (Sep 25)
- RE: HACMP and port scans Steven Bishop (Sep 28)
- Re: HACMP and port scans Alex Polli (Sep 25)