Experimental Physics and
Industrial Control System
| 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 <2006> 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 | Index | 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 <2006> 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 |
| <== Date ==> | <== Thread ==> |
|---|
| Subject: | Re: Ioc denial of service attacks |
| From: | Maren Purves <[email protected]> |
| To: | Mark Rivers <[email protected]> |
| Cc: | [email protected] |
| Date: | Mon, 06 Feb 2006 08:40:02 -1000 |
Folks,
We have definitely seen these problems with PowerPC processors
(MVME2700) on vxWorks 5.4. The problem is quite easy to cause, simply
send large ping packets to the IOC as fast as possible (required root
priv on Linux). The IOC will lose all network connectivity and never
recover.
We see similar behavior (loss of connectivity) when we download code to serial line devices (e.g. motor controllers) - but our IOCs have so far always recovered when the download was done. This mostly happens on an hknitro60. We haven't downloaded code into the motor controller we have connected to a hkbaja4700E in so long that I don't remember whether it happens there too.
Maren
This behavior was happening on our IOCs at the NSLS at Brookhaven, and we are 99% sure it was happening when their computer group did network scans. We would ask them to not scan the IOC IP addresses, and they would remember that for a while, then forget and crash the IOCs. We finally just put 2 network cards in the computers at the beamlines and put the IOCs on a private subnet that cannot be scanned.
Mark
-----Original Message-----
From: Jeff Hill [mailto:[email protected]] Sent: Monday, February 06, 2006 11:31 AM
To: 'Brad Cumbia'; [email protected]
Subject: RE: Ioc denial of service attacks
Brad,
I don't know of any such vulnerability. Are you experiencing such crashes? If so please arrange for a vxWorks specialist to capture a stack trace,
thread cpu usage, MBUF usage information. With that information I could probably take the necessary steps to avoid trouble in the future.
I am particularly interested in situations where the IOC does not recover
after the sacan is completed.
Thanks,
Jeff
-----Original Message-----
From: Brad Cumbia [mailto:[email protected]] Sent: Monday, February 06, 2006 10:09 AM
To: [email protected]
Subject: Ioc denial of service attacks
Has anyone experienced global ioc crash's due to NMAP or Nessus security scans?
Also how do other labs isolate their ioc network to insure the integrity of the systems? Any help would be appreciated.
- References:
- RE: Ioc denial of service attacks Mark Rivers
- Navigate by Date:
- Prev: RE: ASYN/devGPIB/GPIBCVTIO problem Redman, Russell
- Next: RE: ASYN/devGPIB/GPIBCVTIO problem Mark Rivers
- Index: 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 <2006> 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024
- Navigate by Thread:
- Prev: Re: Ioc denial of service attacks D. Peter Siddons
- Next: QtCATool - new CA client Liyu, Andrei
- Index: 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 <2006> 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024
·
Home
·
News
·
About
·
Base
·
Modules
·
Extensions
·
Distributions
·
Download
·
· Search · EPICS V4 · IRMIS · Talk · Bugs · Documents · Links · Licensing ·