Experimental Physics and Industrial Control System
|
Subject: |
Re: Port scan with nmap causes infinite loop in casDGClient::processDG() [Re: CA gatway runs away when zero length PV name in UDP search request] |
|
From: |
"J. Lewis Muir" <[email protected]> |
|
To: |
Mark Engbretson <[email protected]> |
|
Cc: |
'EPICS Tech Talk' <[email protected]> |
|
Date: |
Wed, 24 Jan 2018 09:51:04 -0600 |
On 01/23, Mark Engbretson wrote:
> For whatever it is worth, there are a large number of Ethernet devices
> that have to be manually reset at the APS when the network police run
> their various port scans - PLC systems, Area Detectors, Galil Ethernet
> motor controllers, whatever.
Hi, Mark.
Frankly, that's sad.
> Their docs also state clearly that such hardware is intended to
> be used on an isolated or protected network. I do not think that
> any software or hardware vendor is going to say their server
> implementations can 100% survive what is essentially a DOS attack.
A port scan is not a DOS attack. Software that crashes due to receiving
an invalid packet has a DOS vulnerability because that vulnerability
could be used in a DOS attack. Obviously, I understand that the
software is intended to be used on a trusted network, but crashing
because it receives an invalid packet is a bug and should be fixed.
Regards,
Lewis
- References:
- Port scan with nmap causes infinite loop in casDGClient::processDG() [Re: CA gatway runs away when zero length PV name in UDP search request] Shuei YAMADA
- Re: Port scan with nmap causes infinite loop in casDGClient::processDG() [Re: CA gatway runs away when zero length PV name in UDP search request] Ralph Lange
- Re: Port scan with nmap causes infinite loop in casDGClient::processDG() [Re: CA gatway runs away when zero length PV name in UDP search request] J. Lewis Muir
- Re: Port scan with nmap causes infinite loop in casDGClient::processDG() [Re: CA gatway runs away when zero length PV name in UDP search request] Ralph Lange
- Re: Port scan with nmap causes infinite loop in casDGClient::processDG() [Re: CA gatway runs away when zero length PV name in UDP search request] Benjamin Franksen
- Re: Port scan with nmap causes infinite loop in casDGClient::processDG() [Re: CA gatway runs away when zero length PV name in UDP search request] Hartman, Steven M.
- Re: Port scan with nmap causes infinite loop in casDGClient::processDG() [Re: CA gatway runs away when zero length PV name in UDP search request] Michael Davidsaver
- RE: Port scan with nmap causes infinite loop in casDGClient::processDG() [Re: CA gatway runs away when zero length PV name in UDP search request] Mark Engbretson
- Navigate by Date:
- Prev:
Career Opportunity White, Karen S.
- Next:
Re: Port scan with nmap causes infinite loop in casDGClient::processDG() [Re: CA gatway runs away when zero length PV name in UDP search request] J. Lewis Muir
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
<2018>
2019
2020
2021
2022
2023
2024
- Navigate by Thread:
- Prev:
RE: Port scan with nmap causes infinite loop in casDGClient::processDG() [Re: CA gatway runs away when zero length PV name in UDP search request] Mark Engbretson
- Next:
Re: Port scan with nmap causes infinite loop in casDGClient::processDG() [Re: CA gatway runs away when zero length PV name in UDP search request] Mark Rivers
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
<2018>
2019
2020
2021
2022
2023
2024