[OpenAFS] Attacks against AFS lead to crashing machines

Jimmy Engelbrecht <jimmy@e.kth.se>
06 Jun 2002 23:21:54 +0200


Wolfgang Friebel <friebel@ifh.de> writes:

>  CERN and other institutes are currently attacked from
>  130.237.48.109 (sul.e.kth.se)

We are very sorry if packets from our scanning program have caused you
problems by triggering a bug in some AFS clients. We had no malicious
intent by using a documented AFS call nor could we imagine that this
would cause you so much grief. We tested our probing software on our
own cell first and had - unfortunately for you - no crashes.

We have collected statistical data on AFS usage on the Internet for
some time and will present the data at the AFS Workshop at USENIX02.

The bug that caused the trouble is probably a memory leak that is fixed in
the OpenAFS 1.2.x releases and has never existed in Arla. We do not know yet
what IBM/Transarc versions are fixed or not.

/Jimmy Engelbrecht, Systems Engineer, Royal Institute of Technology