Hello I'v tested that in : SQL*Netv2 at HPUX 10.20 with Oracle 7.3.3, SQL*Netv2 at HPUX 9.04 with Oracle 7.1.4, with zero & one SQL*Netv2 sessions opened, and there is no problem. tnslsnr goes to sleep immediately when the telnet connection has closed. Can be some previous load/resource problem ? Or OS-dependant ? On Mon, 28 Dec 1998, Adam Maloney wrote: > This was my original posting to NTBugtraq back in August. > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Adam Maloney > Systems Administrator > Internet Exposure > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > -----Original Message----- > From: Adam Maloney <adamat_private> > To: NTBUGTRAQat_private <NTBUGTRAQat_private> > Date: Thursday, August 27, 1998 12:27 PM > Subject: "NERP" DoS attack possible in Oracle > > > >NERP DoS attack for Oracle > > > >About two weeks ago I noticed that my NT machine was listening on port > 1526. > >I did not recognize this port number as a WKS, and it was not listed in > NT's > >services file, so I becamse suspicious. For lack of a better way, I > >telnetted to the port to try and find out what it was: > > > >telnet localhost 1526 > >Connected to kilroy.intexp.com on port 1526 > >NERP > > > >Disconnected from kilroy.intexp.com > > > >As soon as I disconnected, my CPU usage jumped to 100%. Upon looking at > >Taskman, I saw that a process named tnslsnr80.exe was the culprit. I could > >not kill the process, and after waiting for about 5 minutes for it to go > >away, I was forced to reboot my machine. > > > SNIP ... > > > >I am not 100% sure that this attack can be reproduced on anyone elses > >systems. I can reproduce it on my test machine, but all of the people that > >I had contacted, asking to try the exploit out have not gotten back to me > at > >all. > > > >BTW, a few people have asked me if NERP is significant...it is not, typing > >any random garbage is sufficient. The NERP was just a sporadic random > >thought. > > ============================================================================ Ministerio de Economia y Obras y Servicios Publicos Secretaria de Hacienda Tel : +54 1 349-6110 Pablo Luis Bucich Fax : +54 1 349-6505 Buenos Aires, Argentina e-mail : pbucicat_private ---------------------------------------------------------------------------- Windows 95: n. 32 bit extensions and a graphical shell for a 16 bit patch to an 8 bit operating system originally coded for a 4 bit microprocessor, written by a 2 bit company that can't stand 1 bit of competition. "Winners don't use Windows" -- Windows: Just Say No
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:27:19 PDT