Nmap Announce mailing list archives
Re: fingerprinting problems
From: Jesus Cea Avion <jcea () argo es>
Date: Mon, 11 Jan 1999 21:01:18 -0100
This message is authoritative, since it came from an official Solaris developer:
Subject: Re: Nmap network auditing/exploring tool V. 2.00 released
Date: Wed, 23 Dec 1998 10:12:57 +0100
From: Casper Dik <casper () HOLLAND SUN COM>
Reply-To: Bugtraq List <BUGTRAQ () netspace org>
To: BUGTRAQ () netspace org
Another nmap-induced denial-of-service is against many machines inetd's when doing a TCP connect() scan (-sT) with the result of killing the inetd process. I've found that Digital Unix and Irix have been vulnerable to this. I cannot reliably reproduce the problem[*] and have not tested it against xinetd.
The TCP scan seems to be widespread under inetd. It's caused by the inetd "internal" TCP services; when a connection is made and closed before a response can be sent, inetd will die with SIGPIPE. This affects the services that do not fork() prior to running; discard, echo and chargen do fork(), I believe, but time and daytime only send a single response and fork()ing wasn't deemed necessary.

It does affect Solaris prior to Solaris 7 (where it was fixed before it was understood how easy it was to trigger).

Casper
<<<<<

--
Jesus Cea Avion
jcea () argo es
http://www.argo.es/~jcea/
PGP Key Available at KeyServ
"Things are not so easy"
"My name is Dump, Core Dump"
"Love is placing your happiness in the happiness of another" - Leibniz
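The failure described in the forwarded message, shown from the defender's side as an added example (not code from the original posts, and not Sun's actual fix, which the page does not describe): a non-forking daytime-style reply routine that ignores SIGPIPE and treats a failed write as a dropped client. The function names are hypothetical, and a socketpair stands in for the accepted TCP connection.

```c
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/socket.h>
#include <time.h>
#include <unistd.h>

/* Reply routine for a non-forking "internal" service in the style of daytime.
 * Returns 0 on success, or the errno value if the reply could not be sent. */
static int send_daytime(int fd)
{
    char buf[64];
    time_t now = time(NULL);
    size_t len = strftime(buf, sizeof buf, "%Y-%m-%d %H:%M:%S\r\n", localtime(&now));
    size_t off = 0;

    while (off < len) {
        ssize_t n = write(fd, buf + off, len - off);
        if (n < 0) {
            if (errno == EINTR) continue;
            return errno;  /* EPIPE/ECONNRESET: client left; drop it, keep serving */
        }
        off += (size_t)n;
    }
    return 0;
}

/* Constructed harness: sv[0] plays the accepted connection, sv[1] the client.
 * With client_closes_first set, the peer is gone before the reply is written. */
static int serve_one(int client_closes_first)
{
    int sv[2], rc;

    /* Without this line the write below would kill the whole process with
     * SIGPIPE. A real daemon sets it once at startup. */
    signal(SIGPIPE, SIG_IGN);
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0)
        return -1;
    if (client_closes_first) close(sv[1]);
    rc = send_daytime(sv[0]);
    close(sv[0]);
    if (!client_closes_first) close(sv[1]);
    return rc;
}

int main(void)
{
    printf("normal client: %d\n", serve_one(0));
    printf("early close:   %d (EPIPE=%d)\n", serve_one(1), EPIPE);
    return 0;
}
```

A daemon that also exec()s external services should reset SIGPIPE to SIG_DFL in the child before exec, because an ignored disposition is inherited across exec.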