Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: Re: Dangerous in using nmap for AS/400 730 machine configured with 3 ASPs?

Re: Dangerous in using nmap for AS/400 730 machine configured with 3 ASPs?

From: Jon Kibler <Jon.Kibler_at_aset.com>
Date: Fri, 16 May 2008 03:08:01 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Brahnda A. Eleazar wrote:
> Peace all,
>
> I am wondering whether this is related or not.
> I was in the middle of beginning a pentest activity for a network segment containing quite a number of AS400 (Production).
> I started with a simple nmap first to see what I am facing.
> My command was (IPs are masked) "nmap -sV -vv -p 8470-8476 -o firsttry_port.nmap xxx.xxx.xxx.0/24"
> This lasted for about 15 minutes.
>
> After about 2 hours later, 2 out of 50+ identifiable machines started having problems.
> They became very slow.
> Those two machines are using ASP (Auxiliary Storage Pools), 1 ASP on the 1st machine and 2 ASPs on the 2nd.
>
> I just want to get more information whether my nmap did anything "bad"? :)
>
> Thanks and Regards,
> =adley=
>
>

Most likely you hosed the IP stack. I wrote a question about this a few
months ago before I started testing a net with a couple of AS/400s. I
took out both boxes. I had forewarned the client that this was a good
possibility, and they were prepared.

Try to reboot the boxes. It worked for me.

If that does not work, you may have killed the NICs or BIOS/firmware. I
have seen that happen before on other non-PC equipment (security, HVAC,
etc.), but not AS/400s, but it is a possibility.

Lots of luck!

Please let us all know what you find.

Jon Kibler
- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkgtMtEACgkQUVxQRc85QlMy7wCfVs5H1SzvlkC+5+BAE/SQOFr/
vvsAn2OifUdhdg/TGGZRg1skxULnuiKD
=2qjB
-----END PGP SIGNATURE-----

==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes
in Securing Web Applications
Find out now! Get Webinar Recording and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
Received on May 16 2008

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]