Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Should nmap cause a DoS on cisco routers?
From: "Dobbins, Roland" <rdobbins () arbor net>
Date: Thu, 1 Jul 2010 11:07:36 +0000

On Jul 1, 2010, at 5:23 PM, Thierry Zoller wrote:

If a device crashes when being scanned - it's a vulnerability.

It sounds to me as if what happened was that he ended up driving the CPUs of the devices in question to 100%, and they 
stopped handling control-plane traffic and fell over.  There are infrastructure self-protection best current practices 
(BCPs) which can be deployed to defend against infrastructure-targeted DoS.

I've only seen this happen a few hundred times or so, so I could be wrong, of course.


As the original poster posited:

Is this a configuration error of the networking devices?

The answer is, almost assuredly, "Yes."

Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>

    Injustice is relatively easy to bear; what stings is justice.

                        -- H.L. Mencken

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]