Nmap Announce mailing list archives
Re: killing suns with nmap
From: "Alek O. Komarnitsky (N-CSC)" <alek () ast lmco com>
Date: Fri, 07 Apr 2000 16:35:53 -0600 (MDT)
From: Ed Arnold <era () ucar edu> Subject: killing suns with nmap To: FOCUS-SUN () securityfocus com I'm interested in knowing if anyone here has come up with a combination of nmap args which will kill a solaris-7 machine with current patches. I've run nmap with various args against a couple solaris-7 machines with current (14 Mar 2000) recommended patchset installed; have not been able to make them croak.
FYI: There was a discussion about this recently on the nmap discussion list - I started it! ;-) Using nmap-web (more details below), I was able to crash a few inetd/machines, but I think this was because I was agressive with some of the timeouts - since I've scaled this back a bit, I have not seen this problem ... plus most of the machines I saw it with earlier were semi-vintage machines. BTW, it's not "really" nmap's "fault" if there is a fragile TCP/IP stack out there ... although I can see where people might say otherwise! ;-) I wrote earlier to security-focus: FYI FWIW: nmap is an awesome tool ... I recently wrote a quick-dirty web interface to this that basically condenses the output of nmap scans on various ports on lots of machines. It was originally written to "search/crawl" for web servers by testing port 80, but it expanded a bit from there. I.e. it was mostly written for the "white hats" as a means of seeing what is open ... I'm sure there is pretty snazzy tools out there written and in-use by the "black hats" ;-) A screenshot, documentation, and tarball can be found at: http://www.komar.org/komar/alek/ -> Misc. Tech Stuff -> nmap-scan Just a Perl/CGI script with some HTML ... VERY easy to tweek, configure, and install into your environment. I remember reading that Fyodor changed the nmap format slightly; so I just tested Beta18 and fixed nmap-web to handle this ... plus I added a few more tidbits in there with version 1.2 ... ;-) alek P.S. FYI Ed: One of your colleges at NCAR wrote to the nmap list about killing machines with nmap ... I'll let him discose who he is; but he said he had to buy a lot of beer for the fellow Sysadmins! ;-)
Current thread:
- Re: killing suns with nmap Alek O. Komarnitsky (N-CSC) (Apr 07)