List: focus-sun
Subject: Re: killing suns with nmap
From: "Alek O. Komarnitsky (N-CSC)" <alek () AST ! LMCO ! COM>
Date: 2000-04-07 22:35:53
> From: Ed Arnold <era@ucar.edu>
> Subject: killing suns with nmap
> To: FOCUS-SUN@securityfocus.com
>
> I'm interested in knowing if anyone here has come up with a combination
> of nmap args which will kill a solaris-7 machine with current patches.
> I've run nmap with various args against a couple solaris-7 machines with
> current (14 Mar 2000) recommended patchset installed; have not been able
> to make them croak.
FYI: There was a discussion about this recently on the nmap
discussion list - I started it! ;-)
Using nmap-web (more details below), I was able to crash a few inetd/machines,
but I think this was because I was aggressive with some of the timeouts - since
I've scaled this back a bit, I have not seen this problem ... plus most of
the machines I saw it with earlier were semi-vintage machines.
BTW, it's not "really" nmap's "fault" if there is a fragile TCP/IP stack
out there ... although I can see where people might say otherwise! ;-)
I wrote earlier to security-focus:
FYI FWIW: nmap is an awesome tool ... I recently wrote a
quick-dirty web interface to this that basically condenses
the output of nmap scans on various ports on lots of machines.
It was originally written to "search/crawl" for web servers
by testing port 80, but it expanded a bit from there.
I.e. it was mostly written for the "white hats" as a means
of seeing what is open ... I'm sure there are pretty snazzy
tools out there written and in-use by the "black hats" ;-)
A screenshot, documentation, and tarball can be found at:
http://www.komar.org/komar/alek/ -> Misc. Tech Stuff -> nmap-scan
Just a Perl/CGI script with some HTML ... VERY easy to tweak, configure,
and install into your environment.
I remember reading that Fyodor changed the nmap format slightly;
so I just tested Beta18 and fixed nmap-web to handle this ... plus
I added a few more tidbits in there with version 1.2 ... ;-)
alek
P.S. FYI Ed: One of your colleagues at NCAR wrote to the nmap list
about killing machines with nmap ... I'll let him disclose who he is;
but he said he had to buy a lot of beer for the fellow Sysadmins! ;-)
--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to
nmap-hackers-help@insecure.org . List run by ezmlm-idx (www.ezmlm.org).