Quoting "Eoin D. Fleming" <rtfm@eircom.net>: > It appears that IBM's HACMP 4.4 clustering software can be induced to > fail simply by port scanning clustered machines, has anyone come accross > this vulnerability and is there a workaround? I have not seen this particular vulnerability, having never used HACMP. However, I did see a very similar thing on Compaq's TruCluster product two jobs ago: If port-scanned from a machine without a PTR record in DNS, the cluster would develop split-brain syndrome. At management's request, this was kept quiet (as in, not posted here), and we worked with Compaq to develop a patch. This was back in 1999, and applied to TruCluster 1.5 (I think...). I never saw an advisory about this from Compaq, so as far as I know this was quietly rolled into TruCluster updates. cheers: andy -- Andrew Leonard Geospiza, Inc. 3939 Leary Way NW Seattle, WA 98107 (206) 633-4403; (206) 633-4415 (fax)
