Full Disclosure mailing list archives
Re: Should nmap cause a DoS on cisco routers?
From: "cor () outpost24 com" <cor () outpost24 com>
Date: Thu, 01 Jul 2010 05:41:02 +0000
During my training classes I always tell the -sV switch is dangerous and known to (sometimes) crash the target. Usually a better tool to test open udp ports is unicornscan, but that doesn't have a switch like -iL. Since you are testing your own devices and you know the community string, you could insider to loop through the list of IP's and snmpget a value from the MIB. Cor sent from a mobile device ----Origineel bericht---- Van: Shang Tsung Verzonden: 30-06-2010 13:03:32 Onderw.: Should nmap cause a DoS on cisco routers? Hello, Some days ago, I had the task to discover the SNMP version that our servers and networking devices use. So I run nmap using the following command: nmap -sU -sV -p 161-162 -iL target_file.txt This command was supposed to use UDP to probe ports 161 and 162, which are used for SNMP and SNMP Trap respectively, and return the SNMP version. This "innocent" command caused most networking devices to crash and reboot, causing a Denial of Service attack and bringing down the network. Now my question is.. Should this had happened? Can nmap bring the whole network down from one single machine? Is this a configuration error of the networking devices? This is scary... Shang Tsung ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Should nmap cause a DoS on cisco routers? cor () outpost24 com (Jun 30)