I am unsure if it is a known problem (I'm fairly new to this list), however I managed to cause our SCO OpenServer 5.0 box to exhibit similar behavior, by simply running nmap (out of curiosity) against it with: nmap -v -v -O <ip of sco box> This was some time ago - I just put it down to SCO's dodgy per-connection licensing scheme and made a mental note to not scan that box - we didn't have a console available (only way into it via telnetd), so I couldn't verify whether or not it was only inetd that crashed. Regards Jethro -----Original Message----- From: Scott Brewster [SMTP:ScottBrewster@firsthealth.com] Sent: Thursday, 31 January 2002 7:33 AM To: bobdog@drunk.co.nz; bugtraq@securityfocus.com Subject: Re: DoS bug on Tru64 I ran the nmap command listed below against one of my 5.1 systems. It didnt seem to have caused any problems. Not only could I still make connections, the existing connections continued to function normally (no freeze-ups). I wouldnt call this a conclusive test, but my system didnt suffer any ill effects. scott >>> "Bob Dog" <bobdog@drunk.co.nz> 01/30/02 12:55PM >>> --- ellipse <elliptic@cipherpunks.com> wrote: >> Today we were using nmap to scan our network and when we scanned our >> Tru64 machines, telnet and ftp froze and timed out. We could not make >> any connections to those ports and existing connections froze. New >> connections were denied for about a minute after the scan was finished. >> I've checked with Compaq and on Securityfocus and neither place has any >> knowledge of this. >[...] >> nmap -T Polite -O -p 23,139 -oM /tmp/lst 'xxx.xxx.16-44.*' > >Why does this sound so familiar? Would this not be an issue with inetd? Support for 4.0D went away as of about September of '01. Does anyone know if this is an issues with 5.1? Have no box that I want to test this with. _____________________________________________________________ Visit these sites today Blink 182 Fan Site - www.blink182.co.nz NZ Skateboarding - www.nzskate.com
