Re: HACMP and port scans
From: Andreas Siegert (afxml@atsec.com)Date: 09/26/01
- Previous message: Andrew Leonard: "Re: HACMP and port scans"
- In reply to: Alex Polli: "Re: HACMP and port scans"
- Next in thread: Ali, Farrad: "RE: HACMP and port scans"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 26 Sep 2001 10:14:40 +0200 From: Andreas Siegert <afxml@atsec.com> To: bugtraq@securityfocus.com Subject: Re: HACMP and port scans Message-ID: <20010926101438.A1730@cray.muc.atsec.de>
Quoting Alex Polli (apolli@pucrs.br) on Tue, Sep 25, 2001 at 01:36:12PM +0200:
> Yes, I've faced this. In fact, the tcp connect() function, when applied to
> certain HACMP ports causes the system to shut down that node. However, if
> you make a SYN scan it won't happen.
>
> IBM has given us no workaround, so we deployed a firewall in front of the
> cluster machine, dropping packets to the HACMP ports.
Current AIX releases (AIX 4.3) have a packet filter that might help.
cheers
afx
--
atsec information security GmbH Phone: +49-89-44249830
Steinstrasse 68 Fax: +49-89-44249831
D-81667 Muenchen, Germany WWW: www.atsec.com
May the Source be with you!
- Previous message: Andrew Leonard: "Re: HACMP and port scans"
- In reply to: Alex Polli: "Re: HACMP and port scans"
- Next in thread: Ali, Farrad: "RE: HACMP and port scans"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
