[OpenAFS] Attacks against AFS lead to crashing machines
Jan Tax
tax@unc.edu
Fri, 7 Jun 2002 05:09:04 -0400 (Eastern Daylight Time)
On Fri, 7 Jun 2002, Hans-Werner Paulsen wrote:
> On Thu, Jun 06, 2002 at 11:21:54PM +0200, Jimmy Engelbrecht wrote:
> >
> > Wolfgang Friebel <friebel@ifh.de> writes:
> >
> > > CERN and other institutes are currently attacked from
> > > 130.237.48.109 (sul.e.kth.se)
> >
> > We are very sorry if packets from our scanning program have caused you
> > problems by triggering a bug in some AFS clients. We had no malicious
> > intent by using a documented AFS call nor could we imagine that this
> > would cause you so much grief. We tested our probing software on our
> > own cell first and had - unfortunately for you - no crashes.
>
> Which documentation did you use?
>
> > The bug that caused the trouble is probably a memory leak that is fixed in
> > the OpenAFS 1.2.x releases and has never existed in Arla. We do not know yet
> > what IBM/Transarc versions are fixed or not.
>
> We had system crashes on 5 of our AFS server machines, but they were
> running OpenAFS-1.2.3 and AIX-4.3.3. Therefore it is n o t fixed
> in OpenAFS 1.2.x.

We have had system crashes on 3 of our AIX 4.3.3 AFS fileserver machines,
the most recent 1/2-hour ago. All are running IBM/Transarc version 3.6
build 2.32, so there still appears to be a bug that afscrawler tickles.

Jan
---------------------------------------------------------------------------
Jan Tax                                        Email: jan_tax@unc.edu
Academic Technology and Networks               Phone: +1.919.962.5642
University of North Carolina at Chapel Hill    Fax:   +1.919.962.5664
---------------------------------------------------------------------------