Re: HACMP and port scans

From: Andreas Siegert (afxmlat_private)
Date: Wed Sep 26 2001 - 01:14:40 PDT

Next message: bugzillaat_private: "[RHSA-2001:110-05] Insecure setserial initscript"

Previous message: Andrew Leonard: "Re: HACMP and port scans"
In reply to: Alex Polli: "Re: HACMP and port scans"
Next in thread: Ali, Farrad: "RE: HACMP and port scans"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Quoting Alex Polli (apolliat_private) on Tue, Sep 25, 2001 at 01:36:12PM +0200:
> Yes, I've faced this. In fact, the tcp connect() function, when applied to
> certain HACMP ports causes the system to shut down that node. However, if
> you make a SYN scan it won't happen.
> 
> IBM has given us no workaround, so we deployed a firewall in front of the
> cluster machine, dropping packets to the HACMP ports.

Current AIX releases (AIX 4.3) have a packet filter that might help.

cheers
afx
-- 
atsec information security GmbH                Phone: +49-89-44249830
Steinstrasse 68                                  Fax: +49-89-44249831
D-81667 Muenchen, Germany                        WWW: www.atsec.com
                      May the Source be with you!

Next message: bugzillaat_private: "[RHSA-2001:110-05] Insecure setserial initscript"
Previous message: Andrew Leonard: "Re: HACMP and port scans"
In reply to: Alex Polli: "Re: HACMP and port scans"
Next in thread: Ali, Farrad: "RE: HACMP and port scans"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Sep 26 2001 - 09:54:43 PDT