Should nmap cause a DoS on cisco routers?



Hello,

Some days ago, I had the task to discover the SNMP version that our servers and networking devices use. So I run nmap using the following command:

nmap -sU -sV -p 161-162 -iL target_file.txt

This command was supposed to use UDP to probe ports 161 and 162, which are used for SNMP and SNMP Trap respectively, and return the SNMP version.

This "innocent" command caused most networking devices to crash and reboot, causing a Denial of Service attack and bringing down the network.

Now my question is.. Should this had happened? Can nmap bring the whole network down from one single machine?

Is this a configuration error of the networking devices?

This is scary...

Shang Tsung








------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------