PaulDotCom mailing list archives
Storage Security
From: gbugbear at gmail.com (Tim Mugherini)
Date: Tue, 11 Aug 2009 21:29:53 -0400
Some of the simplest approaches would be to air gap the storage network (iSCSI), change password for modem access and use SSH v2 if necessary (I've seen some major SAN vendors ask to leave the default password for remote access - WarVOX anyone?), and put mgmt interface on a separate mgmt network. Also, if any SAN to SAN replication is going to occur, consider encryption between units and separating that traffic as well.

Just a quick brain dump from a network standpoint - hope this helps.

Tim

On Tue, Aug 11, 2009 at 7:42 PM, Karan Khosla - Sense of Security <karank at senseofsecurity.com> wrote:
Yes, this is for an enterprise environment. I'm new to storage/storage security so I'm not sure what you mean when you ask me about the application I am looking at deploying. I'm just trying to research generic security issues with SAN/NAS technologies. Once I have an understanding of what issues exist, I would then look at SAN/NAS offerings from Hitachi, NetApp and EMC to see how they address these issues.

I've already looked into books like 'Securing Storage by Himanshu Dwivedi' and 'Storage Security by John Chirillo', but these books were published between 2003-2005 and I was wondering if there are any resources that are more current (as I'm not sure if there have been any new advancements in this area, or if issues that existed in 2005 have now been fixed by vendors), and also if standards/best practices exist to address these security issues.

I hope I'm making sense.

Karan.

--Previous Messages--

Date: Mon, 10 Aug 2009 09:23:23 -0700
From: Vincent Lape <vlape at me.com>
Subject: Re: [Pauldotcom] Storage Security
To: PaulDotCom Security Weekly Mailing List <pauldotcom at mail.pauldotcom.com>
Message-ID: <17F43A1A-503B-4104-86A6-5603F5FD9506 at me.com>
Content-Type: text/plain; charset="us-ascii"

Are you looking to do this in an enterprise environment? Explain the application you are looking to deploy and we may be able to point you to better resources.

Sent from my iPhone

On Aug 10, 2009, at 2:09 AM, Karan Khosla - Sense of Security <karank at senseofsecurity.com> wrote:

Hi,

I am researching storage security (SAN/NAS/DAS). I've been conducting most of my research online and came across a couple of books on the subject but nothing published in the recent past (most of them published between 2003-2006). Was wondering if anyone knew of any good online resources or books that shed light on the vulnerabilities and best practices around storage security.

Thanks in advance.

Karan

_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
Current thread:
- Storage Security Karan Khosla - Sense of Security (Aug 10)
- Storage Security Vincent Lape (Aug 10)
- <Possible follow-ups>
- Storage Security Karan Khosla - Sense of Security (Aug 11)
- Storage Security Tim Mugherini (Aug 11)