Firewall Wizards mailing list archives

Re: sms and adsm over firewalls


From: jrg () gbnet net (James R Grinter)
Date: Tue, 8 Jun 1999 22:36:36 +0100

On Fri 4 Jun, 1999, Antonomasia <ant () notatla demon co uk> wrote:
> Matthew_S_Cramer () armstrong com:
> > Using ADSM on an unprotected network is dangerous.  From what I understand
> > anyone can fire up the client and restore files to an unprotected server as it
> > authenticates using just the IP address and maybe a weak password.  I don't
> > allow ADSM across my firewall.
>
> I was reading an IBM redbook on ADSM the other day. It had a short section
> on authentication which said absolutely nothing to make me understand what
> it actually does.   Anyway, having worked with it a little and never having
> seen any authentication config details, I'd go with the above assessment.

My understanding of version 3 at least (but I'd go search through
archives at adsm.org and ask that list if you really want to know) is
that the client authenticates the server (is it really the server that
it's talking to?) and the server authenticates the client (is it really
that client?) via a challenge-response kind of method based upon a
shared secret. 

You can also set the client/server to renegotiate a password after a
number of days (I don't know who generates the new one, and how good it
is, though. Obviously it must store it locally, if you don't want to
have to type it in each time - so if the host is compromised then
someone could back up more files. They couldn't delete backups unless
you gave that host permission to do that).  It definitely *does not*
use the IP address as any form of authenticator.

However, my local ADSM expert said that the problem with allowing
unprotected machines to access the server was that you can't limit
where server-administrators can connect from, and it would allow
someone to start password guessing. Anyone can get the 'dsmadmc'
client, after all.

So I'd agree with the conclusion, just not the way it was reached.

James.
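The mutual challenge-response James describes, written out as an added illustration that is not part of this thread and is not ADSM's actual protocol (the post only says it is "a challenge-response kind of method based upon a shared secret"). A node password is stretched into a key, each side proves knowledge of that key over nonces contributed by both sides, a sniffed proof cannot be replayed, and nothing about the peer's IP address enters the computation. The PBKDF2 derivation, the "client"/"server" role tags, the session bookkeeping and the five-failure lockout are all assumptions made for the example, not ADSM settings.

```python
"""Mutual challenge-response authentication over a shared secret.

Illustration added to this archive page; it is not ADSM's wire protocol,
only the shape the post describes: each side proves knowledge of a shared
secret to the other, and the peer's IP address never enters the computation.
"""
import hashlib
import hmac
import secrets

NONCE_LEN = 16
MAX_FAILURES = 5   # assumed lockout threshold for the example, not an ADSM setting


def derive_key(password: str, salt: bytes) -> bytes:
    """Stretch the node password into the shared key (assumed derivation)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


def prove(key: bytes, role: bytes, c_nonce: bytes, s_nonce: bytes) -> bytes:
    """HMAC over a role tag and both nonces; the tag stops one side's proof
    being reflected back to it as the other side's."""
    return hmac.new(key, role + c_nonce + s_nonce, hashlib.sha256).digest()


class Server:
    def __init__(self):
        self._nodes = {}      # node name -> (salt, key)
        self._sessions = {}   # session id -> (node, c_nonce, s_nonce)
        self._failures = {}   # node name -> consecutive bad proofs

    def register_node(self, node: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self._nodes[node] = (salt, derive_key(password, salt))
        self._failures[node] = 0

    def challenge(self, node: str, c_nonce: bytes):
        """Step 1: hand the client our nonce and its salt, or None if the node
        is unknown or locked out after too many bad proofs."""
        if node not in self._nodes or self._failures[node] >= MAX_FAILURES:
            return None
        salt, _ = self._nodes[node]
        s_nonce = secrets.token_bytes(NONCE_LEN)
        sid = secrets.token_hex(8)
        self._sessions[sid] = (node, c_nonce, s_nonce)
        return sid, salt, s_nonce

    def verify(self, sid: str, client_proof: bytes):
        """Step 2: check the client's proof; on success answer with our own.
        The session is consumed either way, so a proof cannot be reused."""
        node, c_nonce, s_nonce = self._sessions.pop(sid)
        _, key = self._nodes[node]
        if not hmac.compare_digest(client_proof, prove(key, b"client", c_nonce, s_nonce)):
            self._failures[node] += 1
            return None
        self._failures[node] = 0
        return prove(key, b"server", c_nonce, s_nonce)


class Client:
    def __init__(self, node: str, password: str):
        self.node = node
        self.password = password
        self.transcript = None   # what a sniffer on the wire would see

    def authenticate(self, server: Server) -> bool:
        c_nonce = secrets.token_bytes(NONCE_LEN)
        reply = server.challenge(self.node, c_nonce)
        if reply is None:
            return False
        sid, salt, s_nonce = reply
        key = derive_key(self.password, salt)
        client_proof = prove(key, b"client", c_nonce, s_nonce)
        self.transcript = (c_nonce, client_proof)
        server_proof = server.verify(sid, client_proof)
        # Step 3: is this really our server? A stranger cannot produce this.
        return server_proof is not None and hmac.compare_digest(
            server_proof, prove(key, b"server", c_nonce, s_nonce))


def replay(server: Server, node: str, transcript) -> bool:
    """Sniffer replays a captured (c_nonce, client_proof); the server's fresh
    s_nonce makes the old proof worthless."""
    c_nonce, client_proof = transcript
    reply = server.challenge(node, c_nonce)
    if reply is None:
        return False
    sid, _, _ = reply
    return server.verify(sid, client_proof) is not None


def online_guess(server: Server, node: str, guesses):
    """Password guessing the way anyone holding the client binary could do it.
    Returns (number of proofs the server evaluated, password found or None)."""
    evaluated = 0
    for pw in guesses:
        c_nonce = secrets.token_bytes(NONCE_LEN)
        reply = server.challenge(node, c_nonce)
        if reply is None:          # locked out: no further proofs are evaluated
            break
        sid, salt, s_nonce = reply
        evaluated += 1
        if server.verify(sid, prove(derive_key(pw, salt), b"client", c_nonce, s_nonce)) is not None:
            return evaluated, pw
    return evaluated, None
```

Two caveats the toy makes visible. The lockout is what turns "anyone can get the client" from an unbounded guessing problem into a bounded one, but it also lets an attacker lock the real node out, so it needs monitoring rather than silent enforcement. And whichever side proves first hands the other an offline guessing oracle: here an impostor server that accepts a connection receives a client proof it can grind against a wordlist, which is why the strength of the shared secret, and the question of who the client is allowed to connect to, still matter even though the IP address is not an authenticator.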
