Re: Kill a Unisys Clearpath with nmap port scan

[<Michael.Kain () unisys com>]

In-Reply-To: <5.1.0.14.0.20021002130602.0399e3e8 () mail stdnet com>

I've emailed Jonathan privately, but I'll post here as well in case others 
have experienced this as well.

I'm one of the lead security engineers for the ClearPath MCP environment 
(NX, LX, etc), and have run security scanners against the MCP environment 
dating back to the MCP 5.0 software release.  I've just completed running 
them against the MCP 8.0 networking release, and have never experienced a 
fatal system error because of them.  Excessive logging, yes, since the 
current design does log an entry for each "SYN received for unknown port" 
that occurs into the system sumlog.

I'd like to get some more detailed information about this so that we can 
see what can be done to help and clarify what is being seen.  Please 
contact me directly.

Mike Kain
System Enabling Software -- Eastern Development Lab
Unisys Corporation, Malvern, PA [Michael.Kain () unisys com]

Adjunct Professor, Computer Science Dept., College of Engineering
Drexel University, Philadelphia, PA [mkain () mcs drexel edu]