And this is why BreakingPoint matters: Because, oh man, network people let manufacturers get away with shipping some really fragile code.
If a Windows desktop fell over because you looked at it funny -- and let's be honest, nmap -sV is, quite literally, looking at something funny -- it'd be an unambiguous remote DoS and we'd laugh at Microsoft if they said we should deploy best practices to deal with it.

Now, if the networking equipment in question was a $75 Linksys router, sure. There's a million ways to knock those things over, and you get what you pay for. But genuinely expensive gear? Some of that budget needs to start going into resiliency.

On Thu, Jul 1, 2010 at 1:07 PM, Dobbins, Roland <[email protected]> wrote:

>
> On Jul 1, 2010, at 5:23 PM, Thierry Zoller wrote:
>
> > If a device crashes when being scanned - it's a vulnerability.
>
> It sounds to me as if what happened was that he ended up driving the CPUs
> of the devices in question to 100%, and they stopped handling control-plane
> traffic and fell over. There are infrastructure self-protection best
> current practices (BCPs) which can be deployed to defend against
> infrastructure-targeted DoS.
>
> I've only seen this happen a few hundred times or so, so I could be wrong,
> of course.
>
> ;>
>
> As the original poster posited:
>
> > Is this a configuration error of the networking devices?
>
> The answer is, almost assuredly, "Yes."
>
> -----------------------------------------------------------------------
> Roland Dobbins <[email protected]> // <http://www.arbornetworks.com>
>
> Injustice is relatively easy to bear; what stings is justice.
>
> -- H.L. Mencken
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
