Bugtraq mailing list archives

Re: Nmap network auditing/exploring tool V. 2.00 released


From: lamontg () RAVEN GENOME WASHINGTON EDU (Lamont Granquist)
Date: Tue, 22 Dec 1998 13:40:45 -0800


Another nmap-induced denial-of-service is against many machines' inetds
when doing a TCP connect() scan (-sT) with the result of killing the inetd
process.  I've found that Digital Unix and Irix have been vulnerable to
this.  I cannot reliably reproduce the problem[*] and have not tested it
against xinetd.

The work-around for the nmap user is to never use connect() scans, and to
explicitly use -sS (or one of the other stealth scans) in conjunction with
-O.  There is no workaround for the system admin of the scanned system
that I know of, other than automated monitoring for crashed inetds (I'd
probably use netcat connecting to an inetd service like TCP daytime in a
loop with appropriate logic and an appropriate response action...).

[*] I have confirmed that it happens in response to a connect() scan and
    not any other TCP scan type and that it sometimes occurs immediately
    following a connect() scan when the inetd had been verified
    immediately previously to be running fine.

On Tue, 22 Dec 1998, Olaf Selke wrote:
According to Sherwood Botsford:

On Tue, 15 Dec 1998, Fyodor wrote:

= I have just released version 2.00 of nmap, a program for network
= security auditing and general Internet exploration.  Almost all of the
= core code has been rewritten for better performance and accuracy, and
= many new features have been added.  Here are some of its current
= capabilities:

Hi.  Any idea why most of my hosts running HPUX 10.10 crashed
during a local network scan with
nmap -O?

I reproducibly crashed Cisco routers running IOS version 12.0(1)
with nmap -sU.

Olaf
--
Olaf Selke, olaf.selke () mediaways net, voice +49 5241 80-7069

--
Lamont Granquist                       lamontg () raven genome washington edu
Dept. of Molecular Biotechnology       (206)616-5735  fax: (206)685-7344
Box 352145 / University of Washington / Seattle, WA 98195
PGP pubkey: finger lamontg () raven genome washington edu | pgp -fka
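
One way to build the crashed-inetd monitor Lamont sketches above (netcat to the TCP daytime service in a loop, with a failure threshold and a response action), as an added example that is not from the thread. The script name, the environment-variable defaults, the three-failure threshold and the syslog-only `respond` action are assumptions; daytime (port 13) is used because inetd serves it internally, so a missing banner points at inetd itself rather than at a child daemon.

```shell
#!/bin/sh
# inetd-watch.sh (hypothetical): poll an inetd-served TCP daytime port with
# netcat; after THRESHOLD consecutive failed probes, run a response action.
HOST="${HOST:-127.0.0.1}"
PORT="${PORT:-13}"          # TCP daytime: an inetd internal service
INTERVAL="${INTERVAL:-60}"  # seconds between probes
THRESHOLD="${THRESHOLD:-3}" # consecutive failures before calling inetd dead

# probe_daytime HOST PORT: succeed only if the service sends a banner.
# A refused or hung connection (inetd gone) leaves the reply empty.
probe_daytime() {
    reply=$(nc -w 5 "$1" "$2" </dev/null 2>/dev/null)
    [ -n "$reply" ]
}

# next_failures CURRENT PROBE_STATUS: print the updated consecutive-failure
# count; any success resets it so transient blips do not accumulate.
next_failures() {
    if [ "$2" -eq 0 ]; then echo 0; else echo $(( $1 + 1 )); fi
}

# classify FAILURES THRESHOLD: ok / degraded / down
classify() {
    if [ "$1" -eq 0 ]; then echo ok
    elif [ "$1" -lt "$2" ]; then echo degraded
    else echo down
    fi
}

# respond HOST: assumed response action; here only a syslog entry.
# A real deployment would page an admin or trigger a restart here.
respond() {
    logger -t inetd-watch "inetd on $1 looks dead: no daytime banner on $PORT"
}

monitor_loop() {
    failures=0
    while :; do
        if probe_daytime "$HOST" "$PORT"; then rc=0; else rc=1; fi
        failures=$(next_failures "$failures" "$rc")
        state=$(classify "$failures" "$THRESHOLD")
        echo "$(date '+%Y-%m-%dT%H:%M:%S') $HOST:$PORT $state ($failures fail)"
        [ "$state" = down ] && respond "$HOST"
        sleep "$INTERVAL"
    done
}

# Start polling only when invoked as "inetd-watch.sh run" (so the
# functions can also be sourced and reused without starting the loop).
if [ "${1:-}" = run ]; then monitor_loop; fi
```

Run it as `HOST=target-host ./inetd-watch.sh run`; the monitor treats a single empty reply as degraded and only escalates once the threshold is reached.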