Penetration Testing mailing list archives
Re: Dangerous in using nmap for AS/400 730 machine configured with 3 ASPs?
From: Jon Kibler <Jon.Kibler () aset com>
Date: Fri, 16 May 2008 03:08:01 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Brahnda A. Eleazar wrote:
Peace all, I am wondering whether this is related or not. I was in the middle of beginning a pentest activity for a network segment containing quite a number of AS400 (Production). I started with a simple nmap first to see what I am facing. My command was (IPs are masked) "nmap -sV -vv -p 8470-8476 -o firsttry_port.nmap xxx.xxx.xxx.0/24" This lasted for about 15 minutes. After about 2 hours later, 2 out of 50+ identifiable machines started having problems. They became very slow. Those two machines are using ASP (Auxiliary Storage Pools), 1 ASP on the 1st machine and 2 ASPs on the 2nd. I just want to get more information whether my nmap did anything "bad"? :) Thanks and Regards, =adley=
Most likely you hosed the IP stack. I wrote a question about this a few months ago before I started testing a net with a couple of AS/400s. I took out both boxes. I had forewarned the client that this was a good possibility, and they were prepared. Try to reboot the boxes. It worked for me. If that does not work, you may have killed the NICs or BIOS/firmware. I have seen that happen before on other non-PC equipment (security, HVAC, etc.), but not AS/400s, but it is a possibility. Lots of luck! Please let us all know what you find. Jon Kibler - -- Jon R. Kibler Chief Technical Officer Advanced Systems Engineering Technology, Inc. Charleston, SC USA o: 843-849-8214 c: 843-224-2494 s: 843-564-4224 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkgtMtEACgkQUVxQRc85QlMy7wCfVs5H1SzvlkC+5+BAE/SQOFr/ vvsAn2OifUdhdg/TGGZRg1skxULnuiKD =2qjB -----END PGP SIGNATURE----- ================================================== Filtered by: TRUSTEM.COM's Email Filtering Service http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email.
------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Find out now! Get Webinar Recording and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- username and Password sent as clear text strings jfvanmeter (May 14)
- RE: username and Password sent as clear text strings Shenk, Jerry A (May 15)
- Re: username and Password sent as clear text strings Todd Haverkos (May 15)
- Collection of problems in production systems while pen-testing - "Butterfly effect" Adriano Leite (DHL CZ) (May 28)
- RE: username and Password sent as clear text strings Shenk, Jerry A (May 15)
- RE: username and Password sent as clear text strings Jones, David H (May 15)
- Dangerous in using nmap for AS/400 730 machine configured with 3 ASPs? Brahnda A. Eleazar (May 15)
- Re: Dangerous in using nmap for AS/400 730 machine configured with 3 ASPs? Jon Kibler (May 16)
- RE: Dangerous in using nmap for AS/400 730 machine configured with 3 ASPs? Newton, Preston (May 16)
- Re: Dangerous in using nmap for AS/400 730 machine configured with 3 ASPs? pand0ra (May 16)
- Re: Dangerous in using nmap for AS/400 730 machine configured with 3 ASPs? pand0ra (May 16)
- Re: Dangerous in using nmap for AS/400 730 machine configured with 3 ASPs? Rick Zhong (May 17)
- RE: Dangerous in using nmap for AS/400 730 machine configured with 3 ASPs? Brahnda A. Eleazar (May 26)
- RE: Dangerous in using nmap for AS/400 730 machine configured with 3 ASPs? Adriano Leite (DHL CZ) (May 28)
- RE: Dangerous in using nmap for AS/400 730 machine configured with 3 ASPs? Brahnda A. Eleazar (May 28)
- Dangerous in using nmap for AS/400 730 machine configured with 3 ASPs? Brahnda A. Eleazar (May 15)
- Re: username and Password sent as clear text strings David Howe (May 21)