[22731] in bugtraq
Re: HACMP and port scans
daemon@ATHENA.MIT.EDU (Alex Polli)
Tue Sep 25 13:35:36 2001
Message-ID: <000701c145b6$4793d680$0c0d84c8@w118227>
From: "Alex Polli" <apolli@pucrs.br>
To: "Eoin D. Fleming" <rtfm@eircom.net>
Cc: <bugtraq@securityfocus.com>
Date: Tue, 25 Sep 2001 08:36:12 -0300
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Yes, I've faced this. In fact, the tcp connect() function, when applied to
certain HACMP ports causes the system to shut down that node. However, if
you make a SYN scan it won't happen.
IBM has given us no workaround, so we deployed a firewall in front of the
cluster machine, dropping packets to the HACMP ports.
Another gift from IBM to you.
----- Original Message -----
From: "Eoin D. Fleming" <rtfm@eircom.net>
To: <bugtraq@securityfocus.com>
Sent: Monday, September 24, 2001 6:27 PM
Subject: HACMP and port scans
> It appears that IBM's HACMP 4.4 clustering software can be induced to fail
> simply by port scanning clustered machines, has anyone come accross this
> vulnerability and is there a workaround?
>
> Thanks,
> RT
>
>
