Nmap Announce mailing list archives

Re: killing suns with nmap


From: "Alek O. Komarnitsky (N-CSC)" <alek () ast lmco com>
Date: Fri, 07 Apr 2000 16:35:53 -0600 (MDT)

From: Ed Arnold <era () ucar edu>
Subject: killing suns with nmap
To: FOCUS-SUN () securityfocus com

I'm interested in knowing if anyone here has come up with a combination
of nmap args which will kill a solaris-7 machine with current patches.
I've run nmap with various args against a couple solaris-7 machines with
current (14 Mar 2000) recommended patchset installed; have not been able
to make them croak.

FYI: There was a discussion about this recently on the nmap 
discussion list - I started it!   ;-)

Using nmap-web (more details below), I was able to crash a few inetd/machines,
but I think this was because I was aggressive with some of the timeouts - since
I've scaled this back a bit, I have not seen this problem ... plus most of
the machines I saw it with earlier were semi-vintage machines.

BTW, it's not "really" nmap's "fault" if there is a fragile TCP/IP stack
out there ... although I can see where people might say otherwise!   ;-)

I wrote earlier to security-focus:
   FYI FWIW: nmap is an awesome tool ... I recently wrote a
   quick-dirty web interface to this that basically condenses
   the output of nmap scans on various ports on lots of machines.

   It was originally written to "search/crawl" for web servers
   by testing port 80, but it expanded a bit from there.
   I.e. it was mostly written for the "white hats" as a means
   of seeing what is open ... I'm sure there are pretty snazzy
   tools out there written and in-use by the "black hats"  ;-)

   A screenshot, documentation, and tarball can be found at:
      http://www.komar.org/komar/alek/   ->  Misc. Tech Stuff  ->  nmap-scan
   Just a Perl/CGI script with some HTML ... VERY easy to tweak, configure,
   and install into your environment.

I remember reading that Fyodor changed the nmap format slightly;
so I just tested Beta18 and fixed nmap-web to handle this ... plus
I added a few more tidbits in there with version 1.2 ...   ;-)

alek

P.S. FYI Ed: One of your colleagues at NCAR wrote to the nmap list
about killing machines with nmap ... I'll let him disclose who he is;
but he said he had to buy a lot of beer for the fellow Sysadmins!   ;-)

