tech-net: Re: Nmap Protocol Scanning DoS against OpenBSD IPSEC

Subject: Re: Nmap Protocol Scanning DoS against OpenBSD IPSEC
To: <>
From: None <itojun@iijlab.net>
List: tech-net
Date: 09/28/2000 22:52:05

------- =_aaaaaaaaaa0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <3696.970149112.1@coconut.itojun.org>
Content-Transfer-Encoding: 7bit

>>	Can someone confirm that we are not vulnerable?
>	i'll try to run the test, and make whatever fix necessary (if there is).

	no problem with almost-generic NetBSD1.5F.

itojun

------- =_aaaaaaaaaa0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <3696.970149112.2@coconut.itojun.org>
Content-Transfer-Encoding: 7bit

# uname -a
NetBSD starfruit.itojun.org 1.5F NetBSD 1.5F (STARFRUIT) #170: Thu Sep 28 21:47:40 JST 2000     itojun@starfruit.itojun.org:/usr/home/itojun/NetBSD/src/sys/arch/i386/compile/STARFRUIT i386
# ./nmap -sO 127.0.0.1

Starting nmap V. 2.54BETA5 ( www.insecure.org/nmap/ )
Interesting protocols on localhost (127.0.0.1):
(The 242 protocols scanned but not shown below are in state: closed)
Protocol   State       Name
1          open        icmp
2          open        igmp
4          open        ip
6          open        tcp
17         open        udp
29         open        iso-tp4
41         open        ipv6
47         open        gre
50         open        esp
51         open        ah
55         open        mobile
108        open        ipcomp

Nmap run completed -- 1 IP address (1 host up) scanned in 7 seconds

------- =_aaaaaaaaaa0--