Home page logo

Nmap Announce mailing list archives

Re: Setting nmap host_timeout too low may cause DoS on inetd (?)
From: Thomas Reinke <reinke () e-softinc com>
Date: Thu, 16 Mar 2000 23:28:38 -0500


A few percent of the scanned machines end up with a "hanging" inetd;
so inbound telnet/etc. connections are no longer accepted. Interestingly enough,
one can often "clear" it by doing another scan to just the targeted host.
And on a few machines, inetd flatout died - so then you are basically hosed!

Sun Bug ID4260432 describes a situation somewhat similar to this ... but the
problem in not repeatable in any way ... the vast majority of the time; the
scan just finishes and we are all happy.


Does any of this make sense and/or sound familier to people?

Yup, this is familiar. We ran into this problem with a free
nmap based scanning service we run on the web. Same sort of
problem: a full TCP connect scan would leave the remote
Solaris system in an unusable state.  Never did identify
the root cause though...nice to see the Bug ID.

Thomas Reinke                            Tel: (905) 331-2260
Director of Technology                   Fax: (905) 331-2504
E-Soft Inc.                         http://www.e-softinc.com
SecuritySpace                   http://www.securityspace.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]