Penetration Testing mailing list archives
Re: [PEN-TEST] Tandems ?
From: Marc Kneppers <marc.kneppers () TRIPEZE COM>
Date: Tue, 22 Aug 2000 11:40:13 -0600
Not a lot of info to contribute, but ...
From my experience (about 4 years ago):
Tandems tend to come in a few flavours, one of them being a (relatively) standard UNIX OS - so these are subject to the same UNIX vulnerabilities everyone else has. Check the OS. (I remember old sendmail versions, user accounts like 'shutdown' etc without passwords by default). Also, the UNIX boxes that I worked on were heavily monitored for hardware failures and come with monitors which are used to dial-out and request replacement hardware components (depending on the level of support). They can also be configured for dial-in support by Tandem. This is obviously a potential hole/access point. This might also apply to the non-UNIX boxes. -MArc -----Original Message----- From: Rick Redman [mailto:redmanr () MINGA COM] Sent: Monday, August 14, 2000 3:45 PM To: PEN-TEST () SECURITYFOCUS COM Subject: [PEN-TEST] Tandems ? I've recently been tasked to do a HUGE assessment of a large network. On this network, they have quite a few tandems (www.tandem.com). The question is, any one have/know of any tools or documentation that might help a person who needs to do any sort of security audit of one of these? I've searched the web like crazy, and good luck finding any decent books on Tandems at amazon/fatbrain. Thanks for any help. -Minga www.minga.com
Current thread:
- Re: [PEN-TEST] Tandems ? Marc Kneppers (Aug 22)
- <Possible follow-ups>
- Re: [PEN-TEST] Tandems ? Lodin, Steven {IT S~Indianapolis} (Aug 22)
- Re: [PEN-TEST] Tandems ? Heather Field (Aug 24)
- Re: [PEN-TEST] Tandems ? Ong, Kevin (Aug 24)
- Re: [PEN-TEST] Tandems ? Toolin, Colm (Aug 26)
- Re: [PEN-TEST] Tandems ? Green, Neale S (Aug 26)
- Re: [PEN-TEST] Tandems ? Green, Neale S (Aug 27)