Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Dangerous in using nmap for AS/400 730 machine configured with 3 ASPs?
From: Jon Kibler <Jon.Kibler () aset com>
Date: Fri, 16 May 2008 03:08:01 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Brahnda A. Eleazar wrote:
Peace all,

I am wondering whether this is related or not.
I was in the middle of beginning a pentest activity for a network segment containing quite a number of AS400 
(Production).
I started with a simple nmap first to see what I am facing.
My command was (IPs are masked) "nmap -sV -vv -p 8470-8476 -o firsttry_port.nmap xxx.xxx.xxx.0/24"
This lasted for about 15 minutes.

After about 2 hours later, 2 out of 50+ identifiable machines started having problems.
They became very slow.
Those two machines are using ASP (Auxiliary Storage Pools), 1 ASP on the 1st machine and 2 ASPs on the 2nd.

I just want to get more information whether my nmap did anything "bad"? :)

Thanks and Regards,
=adley=



Most likely you hosed the IP stack. I wrote a question about this a few
months ago before I started testing a net with a couple of AS/400s. I
took out both boxes. I had forewarned the client that this was a good
possibility, and they were prepared.

Try to reboot the boxes. It worked for me.

If that does not work, you may have killed the NICs or BIOS/firmware. I
have seen that happen before on other non-PC equipment (security, HVAC,
etc.), but not AS/400s, but it is a possibility.

Lots of luck!

Please let us all know what you find.

Jon Kibler
- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC  USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkgtMtEACgkQUVxQRc85QlMy7wCfVs5H1SzvlkC+5+BAE/SQOFr/
vvsAn2OifUdhdg/TGGZRg1skxULnuiKD
=2qjB
-----END PGP SIGNATURE-----




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes 
in Securing Web Applications  
Find out now! Get Webinar Recording and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault