Bugtraq mailing list archives

Re: Bugtraq item about Netapps.


From: matt () CAMEL ETHEREAL NET (just me.)
Date: Fri, 12 Feb 1999 10:51:53 -0800


Let's pare this scenario down to practicality, to make things even
clearer. I think that everyone will agree that we can eliminate:

  IF somebody really wants to screw us up
  (assumed when doing security analysis)

  IF they care to upgrade the firmware on our filer and
  (malicious intent is assumed)

  IF they know how to do it and
  (it's on bugtraq.)

This leaves us with:

  IF they can crack our firewall and
  IF they can crack the root password of our admin host and
  IF it breaks the filer beyond usability

Which is a rather conservative chain of events. In reality it's
closer to:

Compromise/circumvent border access controls
Spoof the identity of admin host
Gain admin privileges on filer.

This is the same chain of events that happens with any
compromised trust relationship. Nothing new. The procedures to
minimize exposure and the risk of this happening are decades old.

There is (in this scenario) no Netapp software at fault. Merely
lazy administrators extending trust where it's not necessary or
safe to do so.

As far as:

  that's why we have backups and
  that's why we buy hardware support.

goes; I don't know what kind of environment you work in, but in
mine, backups and disaster recovery are important; but so is
confidentiality. Your scenario makes no allowance for the release
of proprietary information presumably on the filer.


matto


On Fri, 12 Feb 1999, Graham C. Knight wrote:

  I find this all rather amusing.

  IF somebody really wants to screw us up and
  IF they can crack our firewall and
  IF they can crack the root password of our admin host and
  IF they care to upgrade the firmware on our filer and
  IF they know how to do it and
  IF it breaks the filer beyond usability

  THEN

  that's why we have backups and
  that's why we buy hardware support.



--matt () snark net---------------------------------------------<darwin><
  Matt Ghali MG406/GM023JP tokyo refugee - system admin - pop-tart fan
  www.hello-kitty.net      "WWW my testicles!" - Bob Allisat, net.kook


