[27515] in bugtraq
Re: NFS Denial of Service advisory from Sun
daemon@ATHENA.MIT.EDU (Edsel Adap)
Fri Oct 18 22:30:13 2002
Date: Fri, 18 Oct 2002 08:55:11 -0400
From: Edsel Adap <edsel@trillian.adap.org>
To: m g <mg_outlaw@hotmail.com>
Message-ID: <20021018085511.A1576@adap.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="fdj2RfSjLxBAspz7"
Content-Disposition: inline
In-Reply-To: <F77Fa4FtdNTXEnSxHnY00001087@hotmail.com>; from mg_outlaw@hotmail.com on Thu, Oct 17, 2002 at 12:21:50PM +0000
--fdj2RfSjLxBAspz7
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
I tested this on my Solaris NFS server and it didn't kill lockd.
However there are many ways to DoS a Solaris NFS server.
One of them is to put a RedHat 7.3 (original kernel) on the network
as an NFS client then initiate a large read over NFS and watch the
Solaris NFS server become unresponsive to pings. As soon as you kill
the read everything goes back to normal.
On Thu, Oct 17, 2002 at 12:21:50PM +0000, m g wrote:
> Hello all,
>=20
> Today, Sun released an advisory (47815) about how the lockd can be used t=
o=20
> cause a DoS of NFS. However they did not provide any details about how th=
e=20
> lockd can be killed to trigger this. See=20
> http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=3Dfsalert%2F47815&zone_32=
=3Dcategory%3Asecurity
>=20
> Does anyone know if this security issue is somehow related to the Bugtraq=
=20
> posting from Mike Murray about lockd and nfs on Linux from June 2000, s=
ee:
> http://archives.neohapsis.com/archives/bugtraq/2000-06/0073.html
>=20
> I currently don't have a Sun box available to test it myself, so perhaps=
=20
> someone else can verify this or provide me information about this.
>=20
> Grtx Mike G. (not Mike Murray)
>=20
> _________________________________________________________________
> Unlimited Internet access for only $21.95/month.=A0 Try MSN!=20
> http://resourcecenter.msn.com/access/plans/2monthsfree.asp
--=20
Edsel Adap
edsel@adap.org
http://www.adap.org/~edsel/ LINUX - the choice of the GNU generati=
on
"Netscape is an application which grows to fill all available memory." - me
--fdj2RfSjLxBAspz7
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE9sASvm5zHAsD2X+oRAsU1AJ0b9JNFGfZf4g/SGMSmBMTLCuNBkwCffICL
mqs92ZdA3isZdQxfROzrbBA=
=ZwCj
-----END PGP SIGNATURE-----
--fdj2RfSjLxBAspz7--
