radmin_detect.nasl DoS-ing snmpd? [long]
Crow, Owen
Owen_Crow at bmc.com
Mon Sep 22 20:08:45 EDT 2003
Right, but there's got to be plenty of broken services that a "safe" scan
attempts to avoid triggering already. Is there a way to let radmin_detect
do it's job without this unwanted side effect? I'm willing to do what I can
to provide traces and dumps. Maybe avoid that one test that triggers it on
HP-UX systems?
If Nessus scans are seen as harmful in our environment it makes it harder to
get permission to do them.
Thanks,
Owen
-----Original Message-----
From: Michel Arboi [mailto:mikhail at nessus.org]
Sent: Monday, September 22, 2003 5:24 PM
To: nessus at list.nessus.org
Subject: Re: radmin_detect.nasl DoS-ing snmpd? [long]
"Crow, Owen" <Owen_Crow at bmc.com> writes:
> It fails when the only plugin enabled is radmin_detect.nasl.
[snip]
> And based on this, I hard-coded radmin_detect.nasl to attack port 7161 and
> that caused the problem.
Well... I'd say that you found a bug in HP snmpd.
radmin_detect is not supposed to be destructive. But just like
find_service, or even a simple port scanner, it can kill broken
services :-\
More information about the Nessus
mailing list