Bugtraq mailing list archives
Re: HACMP and port scans
From: Jordan Klein <haplo () haplo net>
Date: Wed, 26 Sep 2001 09:31:28 -0700 (PDT)
On Mon, 24 Sep 2001, Eoin D. Fleming wrote:
It appears that IBM's HACMP 4.4 clustering software can be induced to fail simply by port scanning clustered machines, has anyone come accross this vulnerability and is there a workaround? Thanks, RT
Yes, when I worked at IBM, we found this same problem. We had internal
security groups periodically port scanning our servers and they caused our
HACMP cluster servers to crash, as a result.
I don't remember all the details, as I didn't personally work with HACMP.
However, a good friend did and told me all about it. I believe IBM has
some patches that can fix this problem.
I think it's somehow simulating a failover signal, but not correctly, so
causing a kernel panic or something.
--
Jordan Klein haplo () haplo net
gpg fingerprint = 3D15 2822 F5A9 AED4 A66C 48EF 0A21 39CB A5BA 8C5B
You have moved your mouse. Windows will now reboot.
Current thread:
- HACMP and port scans Eoin D. Fleming (Sep 24)
- Re: HACMP and port scans Alex Polli (Sep 25)
- Re: HACMP and port scans Andreas Siegert (Sep 26)
- Re: HACMP and port scans Andrew Leonard (Sep 25)
- Re: HACMP and port scans Jordan Klein (Sep 26)
- <Possible follow-ups>
- RE: HACMP and port scans Ali, Farrad (Sep 25)
- RE: HACMP and port scans Steven Bishop (Sep 28)
- Re: HACMP and port scans Alex Polli (Sep 25)