I will put my bet on the crash of IP stacks as well. Those systems
just can't handle the nmap probing packats properly. A very common
scenario is the systems open connections and allocate resources, but
fail to close them properly. I encountered these cases not only on
AS400, some old solaris OS also have similar issues.
On Fri, May 16, 2008 at 10:46 AM, Brahnda A. Eleazar
<brahnda.e_at_hermisconsulting.com> wrote:
> Peace all,
>
> I am wondering whether this is related or not.
> I was in the middle of beginning a pentest activity for a network segment containing quite a number of AS400 (Production).
> I started with a simple nmap first to see what I am facing.
> My command was (IPs are masked) "nmap -sV -vv -p 8470-8476 -o firsttry_port.nmap xxx.xxx.xxx.0/24"
> This lasted for about 15 minutes.
>
> After about 2 hours later, 2 out of 50+ identifiable machines started having problems.
> They became very slow.
> Those two machines are using ASP (Auxiliary Storage Pools), 1 ASP on the 1st machine and 2 ASPs on the 2nd.
>
> I just want to get more information whether my nmap did anything "bad"? :)
>
> Thanks and Regards,
> =adley=
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Top 5 Common Mistakes
> in Securing Web Applications
> Find out now! Get Webinar Recording and PPT Slides
>
> www.cenzic.com/landing/securityfocus/hackinar
> ------------------------------------------------------------------------
>
>
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes
in Securing Web Applications
Find out now! Get Webinar Recording and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
Received on May 17 2008
Intro
