Possible DoS for hosts running Veritas Netbackup Client

Tested OS: Solaris 7
Netbackup Version: NetBackup-Solaris2.6 3.2GA

Cause a remote host running Veritas Netbackup client to fully utilize its CPU(s).

Here's the DoS. Run multiple nc (netcat) commands using a full range of ports from some remote host against a host running the netbackup client. Such as:

    # nc -z -n -w 10 ip_host_to_attack 1-65535
    # nc -z -n -w 10 ip_host_to_attack 1-65535
    # nc -z -n -w 10 ip_host_to_attack 1-65535

You need to run n+1 netcats, where n is the number of CPUs, to use all available CPUs on a box. So, a 2 processor box would require 3 netcats. I'm sure there's a more elegant way of doing this.

The offending process is bpjava-msvc. It's run from inetd.conf. The exact reason this is happening is unclear. However, bpjava-msvc opens on its port defined in /etc/services, via inetd, then apparently opens an arbitrary higher numbered port. netcat then connects to this port. I don't care to speculate what happens next, because I don't know.

The higher numbered ports must not be blocked between the 2 hosts.

Scott Parks
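Since the affected process is started by inetd on a port listed in /etc/services, a host can be checked for exposure by looking for an active bpjava-msvc entry in both files. The script below is an added example, not part of the original post; the function names are hypothetical, and the port number and binary path in the sample files are constructed placeholders.

```shell
#!/bin/sh
# Added example: report whether bpjava-msvc is enabled under inetd and on
# which port it is registered. On a real host the inputs would be
# /etc/inetd.conf and /etc/services; constructed samples are used here.

# Print the port/protocol registered for a service in a services-format file.
service_port() {  # $1 = service name, $2 = services file
    awk -v svc="$1" '
        { sub(/#.*/, "") }                  # strip trailing comments
        NF >= 2 && $1 == svc { print $2; exit }
    ' "$2"
}

# Exit 0 if an uncommented inetd.conf entry exists for the service.
inetd_enabled() {  # $1 = service name, $2 = inetd.conf file
    awk -v svc="$1" '
        /^[ \t]*#/ { next }                 # commented-out entry is disabled
        $1 == svc { found = 1 }
        END { exit (found ? 0 : 1) }
    ' "$2"
}

# Print "ENABLED <port>" or "disabled <port>" for bpjava-msvc.
audit_bpjava() {  # $1 = inetd.conf file, $2 = services file
    port=$(service_port bpjava-msvc "$2")
    if inetd_enabled bpjava-msvc "$1"; then
        echo "ENABLED ${port:-unknown}"
    else
        echo "disabled ${port:-unknown}"
    fi
}

# Write constructed sample files; port and path are placeholders.
write_samples() {  # $1 = directory
    cat > "$1/services" <<'EOF'
# constructed sample
bpjava-msvc     55555/tcp       # placeholder port
EOF
    cat > "$1/inetd.conf" <<'EOF'
# constructed sample
bpjava-msvc stream tcp nowait root /path/to/bpjava-msvc bpjava-msvc
EOF
}

d=$(mktemp -d) && write_samples "$d" && audit_bpjava "$d/inetd.conf" "$d/services"
rm -rf "$d"
```

A result of ENABLED means inetd will start bpjava-msvc for any host that can reach the listed port, so that port and the higher numbered ports mentioned above are the ones to restrict to the backup server.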
