Bugtraq mailing list archives
DUMP of NT system crash
From: vytasvy () OSF LT (Vytautas Vysniauskas)
Date: Mon, 7 Apr 1997 14:31:57 +0300
TCP/IP session dump -------------------- of Windows NT 4.0 system crash -------------------------------- This message is a continuation of my previous letter on the topic about Windows NT system crash while responding to disk share requests for UNIX (Linux) clients. Today (April 7, 1997) I have reproduced system crash on another NT system. It was Packard Bell computer : P5/100, 24Mb RAM, ATAPI 1.2 dual channel PCI IDE controller, 3c509 (ISA) ethernet card. I was able to produce system dump, which already was sent to Microsoft Windows NT Test group. This computer has the same packs/hotfixes installed: Windows NT version 4.0, build 1381, Service Pack 2 Q135707Q141239NTOSKRNLFIX Q163213 TCPIP DRIVER UPDATE Q163333SERIALFIX RPC SERVER CPU USAGE FIX In addition, very handfull information is TCP/IP session dump between a client and server. I have compared two sessions: 1) correct session between properly configured Linux client (client A) and NT host (host H) 2) "wrong" session between incompatible Linux client (client B) and the same NT host (host H). In this case host H crashes immediatelly. There is also NT server (host S) which is WINS server for NT workstation H. client A: Linux 2.0.29. smbmount utility is compiled for this kernel version, so it is "correct" client which can mount remotely host H disk and to see contents of the mount point. client B: Linux 2.0.25. This client has compatibility problem, because smbmount utility requires kernel version 2.0.29. This session produces NT system crash. host H: NT 4.0 workstation host S: NT 4.0 server session between Linux client and NT workstations is: ./smbmount //H/service /mnt -U client_name (password: some_password) ls /mnt (at this point "wrong" session breaks NT system) ./smbumount /mnt TCP/IP session listing is available at: ftp://puni.osf.lt/windows/tcpipdump.gz (~5k) (md5summ is a75a618b7e390e3945ad8a26f9753725) Hope, it will help to detect what's wrong with NT system. ======================================================== Vytautas Vysniauskas e-mail: vytasvy () osf lt tel: +370-2-611408 UNIX systems administrator Open Society Fund of Lithuania, ========================================================
Current thread:
- Password problem in Trumpet Winsock. null (Apr 06)
- Linux - buffer overflow in filter Mikhail Iakovlev (Apr 06)
- Re: Password problem in Trumpet Winsock. John Sheehy (Apr 06)
- Re: Password problem in Trumpet Winsock. Michael Douglass (Apr 07)
- Netware + Win95 issue Lauri Laupmaa (Apr 07)
- Re: Netware + Win95 issue Paul Melson (Apr 08)
- Another one javascript exploit attempt? Andrew V. Kovalev (Apr 07)
- DUMP of NT system crash Vytautas Vysniauskas (Apr 07)
- Re: Password problem in Trumpet Winsock. Paul Melson (Apr 07)
- BoS: /etc/default/login LOCKOUT= creates arbitrary files (fwd) Illuminati Primus (Apr 07)
- Re: BoS: /etc/default/login LOCKOUT= creates arbitrary files (f Eugene Bradley (Apr 08)
- FreeBSD Security Advisory: FreeBSD-SA-97:03.sysinstall Aleph One (Apr 07)
- CERT Advisory CA-97.09 - Vulnerability in IMAP and POP Aleph One (Apr 07)
- [linux-security] amd 920824upl102 ignores the nodev option Aleph One (Apr 08)