Penetration Testing mailing list archives
Re: [PEN-TEST] Tandems ?
From: Heather Field <Heather.Field () CTP COM>
Date: Wed, 23 Aug 2000 09:25:50 -0700
It is funny, but I didn't think Tandems had security, so what is there to audit (sort of joking so please don't flame up)? That is unless they have installed SafeGuard or something. Don't know about audit tools, but first find out if they are using SafeGuard or any other 3rd party tool to manage authentication and authorization. Otherwise, it may just be a matter of getting up to speed on the OS commands to snoop around. Heather Field Cambridge Technology Partners, CNS O: 310.563.4862 C: 310.489.5679 -----Original Message----- From: Marc Kneppers [mailto:marc.kneppers () TRIPEZE COM] Sent: Tuesday, August 22, 2000 10:40 AM To: PEN-TEST () SECURITYFOCUS COM Subject: Re: [PEN-TEST] Tandems ? Not a lot of info to contribute, but ...
From my experience (about 4 years ago):
Tandems tend to come in a few flavours, one of them being a (relatively) standard UNIX OS - so these are subject to the same UNIX vulnerabilities everyone else has. Check the OS. (I remember old sendmail versions, user accounts like 'shutdown' etc without passwords by default). Also, the UNIX boxes that I worked on were heavily monitored for hardware failures and come with monitors which are used to dial-out and request replacement hardware components (depending on the level of support). They can also be configured for dial-in support by Tandem. This is obviously a potential hole/access point. This might also apply to the non-UNIX boxes. -MArc -----Original Message----- From: Rick Redman [mailto:redmanr () MINGA COM] Sent: Monday, August 14, 2000 3:45 PM To: PEN-TEST () SECURITYFOCUS COM Subject: [PEN-TEST] Tandems ? I've recently been tasked to do a HUGE assessment of a large network. On this network, they have quite a few tandems (www.tandem.com). The question is, any one have/know of any tools or documentation that might help a person who needs to do any sort of security audit of one of these? I've searched the web like crazy, and good luck finding any decent books on Tandems at amazon/fatbrain. Thanks for any help. -Minga www.minga.com
Current thread:
- Re: [PEN-TEST] Tandems ? Marc Kneppers (Aug 22)
- <Possible follow-ups>
- Re: [PEN-TEST] Tandems ? Lodin, Steven {IT S~Indianapolis} (Aug 22)
- Re: [PEN-TEST] Tandems ? Heather Field (Aug 24)
- Re: [PEN-TEST] Tandems ? Ong, Kevin (Aug 24)
- Re: [PEN-TEST] Tandems ? Toolin, Colm (Aug 26)
- Re: [PEN-TEST] Tandems ? Green, Neale S (Aug 26)
- Re: [PEN-TEST] Tandems ? Green, Neale S (Aug 27)