Penetration Testing mailing list archives
Re: Port scan causing system crashes
From: Death Star <deathstar2k3 () hotmail com>
Date: 12 Jun 2003 19:24:19 -0000
In-Reply-To: <00256D43.003E90C3.00 () postoffice co uk> NMAP port scan would also crash old MVS (IBM mainframe)systems. The problem I encountered in the past was the sockets opened by nmap to the MVS system stayed in the que which caused a performance problem on the system. The result was a system crash. You would also experience the same thing on most legacy systems such as VMS. The best way to resolve issues like this is to update your system, and if anything minimize the number of threads being probed by nmap using a timer (nmap -T polite -v -sTU XXX.XXX.XXX.XXX )
Received: (qmail 21553 invoked from network); 12 Jun 2003 13:11:34 -0000 Received: from outgoing3.securityfocus.com (205.206.231.27) by mail.securityfocus.com with SMTP; 12 Jun 2003 13:11:34 -0000 Received: from lists.securityfocus.com (lists.securityfocus.com
[205.206.231.19])
by outgoing3.securityfocus.com (Postfix) with QMQP id 0DEFAA30D1; Thu, 12 Jun 2003 07:12:23 -0600 (MDT) Mailing-List: contact pen-test-help () securityfocus com; run by ezmlm Precedence: bulk List-Id: <pen-test.list-id.securityfocus.com> List-Post: <mailto:pen-test () securityfocus com> List-Help: <mailto:pen-test-help () securityfocus com> List-Unsubscribe: <mailto:pen-test-unsubscribe () securityfocus com> List-Subscribe: <mailto:pen-test-subscribe () securityfocus com> Delivered-To: mailing list pen-test () securityfocus com Delivered-To: moderator for pen-test () securityfocus com Received: (qmail 18322 invoked by uid 0); 12 Jun 2003 08:25:38 -0000 X-Lotus-FromDomain: POSTOFFICE From: steve.x.jones () royalmail com Sender: steve.x.jones () royalmail com To: pen-test () securityfocus com Message-ID: <00256D43.003E90C3.00 () postoffice co uk> Date: Thu, 12 Jun 2003 11:23:06 +0000 Subject: Port scan causing system crashes Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Hello Please can you help? Has any-one else out there had issues with NMAP
port scans
(or any other port scanner) causing systems to crash? I use Nessus to baseline the security of our systems and have twice had
problems
caused by the NMAP port scan on clustered unix boxes running our
enterprise
applications. NOTE - it was the initial port scan that caused the
problems, not
the subsequent vulnerability assessment. I've done a quick Google search and found confirmation for one of the
systems -
BUGTRAQ Vulnerability 3358, "IBM HACMP Port Scan Denial of Service
Vulnerability",
the other was a bespoke app running on some HP UX boxes. Does any-one know of other systems that fall over with a simple port scan? Up til now I've been running port scans happily across our subnets to
look for
rogue FTP, SMTP, HTTP etc, obviously I'll have to take more care now... Thanks in advance for any help. Steve This email and any attachments are confidential and intended for the
addressee
only. If you are not the named recipient, you must not use, disclose,
reproduce,
copy or distribute the contents of this communication. If you have
received this
in error, please contact the sender and then delete this email from your
system.
--------------------------------------------------------------------------
-
--------------------------------------------------------------------------
--
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: Port scan causing system crashes, (continued)
- Re: Port scan causing system crashes Helmut Springer (Jun 12)
- Re: Port scan causing system crashes Anthony Kim (Jun 12)
- Re: Port scan causing system crashes Adam Carter (Jun 13)
- RE: Port scan causing system crashes OBrien, Brennan (Jun 12)
- Re: Port scan causing system crashes MARTIN M. Bénoni (Jun 12)
- RE: Port scan causing system crashes Whiteside, Larry [contractor] (Jun 12)
- Re: Port scan causing system crashes Clem Skorupka (Jun 12)
- Re: Port scan causing system crashes Renaud Deraison (Jun 12)
- Re: Port scan causing system crashes Clem Skorupka (Jun 12)
- Re: Port scan causing system crashes Clem Skorupka (Jun 12)
- RE: Port scan causing system crashes Steve Goldsby (ICS) (Jun 12)
- Re: Port scan causing system crashes Death Star (Jun 12)
- RE: Port scan causing system crashes Brass, Phil (ISS Atlanta) (Jun 12)
- Re: Port scan causing system crashes Kevin Pietersma (Jun 13)
- FW: Port scan causing system crashes Brewis, Mark (Jun 13)
- RE: Port scan causing system crashes Martin Walker (Jun 16)
- RE: Port scan causing system crashes Death Star (Jun 16)