mailing list archives
Re: Kill a Unisys Clearpath with nmap port scan
From: <Michael.Kain () unisys com>
Date: 4 Oct 2002 17:31:41 -0000
In-Reply-To: <220.127.116.11.0.20021002130602.0399e3e8 () mail stdnet com>
I've emailed Jonathan privately, but I'll post here as well in case others
have experienced this as well.
I'm one of the lead security engineers for the ClearPath MCP environment
(NX, LX, etc), and have run security scanners against the MCP environment
dating back to the MCP 5.0 software release. I've just completed running
them against the MCP 8.0 networking release, and have never experienced a
fatal system error because of them. Excessive logging, yes, since the
current design does log an entry for each "SYN received for unknown port"
that occurs into the system sumlog.
I'd like to get some more detailed information about this so that we can
see what can be done to help and clarify what is being seen. Please
contact me directly.
System Enabling Software -- Eastern Development Lab
Unisys Corporation, Malvern, PA [Michael.Kain () unisys com]
Adjunct Professor, Computer Science Dept., College of Engineering
Drexel University, Philadelphia, PA [mkain () mcs drexel edu]