Fwd: [OpenAFS] Attacks against AFS lead to crashing machines
Todd_DeSantis@transarc.com
Todd_DeSantis@transarc.com
Thu, 6 Jun 2002 10:50:44 -0400 (EDT)
---------- Forwarded message begins here ----------
Hi Wolfgang:
> CERN and other institutes are currently attacked from
> 130.237.48.109 (sul.e.kth.se)
> By scanning port 7001 and sending malicious packets the attacker
> was able to crash AFS servers.
> Reports have shown that at least Solaris 5.6 and 5.7 machines and AIX
> 4.3.3 machines are affected, but probably that are not the only
> platforms.
> We reccommend to take appropriate mesures against this attack (at
> least blocking the originating site)
> The versions of AFS involved in our sad experien ce were 3.6 build
> 2.5 (patch1) and 3.6 build 2.26 (patch3).
We addressed many of these problems in Patch 4 of the AFS code base
3.6 build 2.27 and was part of patch 4
3.6 build 2.32
We would need to verify that the problem you saw was related to the
problems you saw.
Thanks
Todd DeSantis
AFS Support