Re: [PEN-TEST] Informix

[Brett Geer <brett () BRABYS CO ZA>]

Informix, where to begin, I remember seeing a CERT document some
years ago complaining about Infomix security.

Here's some things to take a look for:

1) Check the $INFORMIXDIR/etc/sqlhosts file, $10 says it uses
   trusted hosts authentication.
2) As someone elses pointed out, informix/informix userid.
3) Note the perms on the dbspace files (for online in /dev/),
   normally 666.

What is it running? version?

brett

"Hyde, Mark (GEO)" wrote:
> Hello,
>
> I have been mandated to audit a critical Informix database application on
> Unix.
>
> I would be very grateful for pointers to known security vulnerabilities or
> backdoors (weak default installation settings, built-in passwords etc) that
> are specific to Informix. Also if there are any tools out there - freeware
> or commerical that can help to break the informix security.
>
> I have used DB scanner from ISS - but this does not perform audits of
> Informix if a
> similar tool exist I would like to know about it.
>
> Any help, tips or tricks would be much appreciated.
>
> Thanks in advance,
>
> Mark Hyde
> Compaq Professional Services
> IT security consultant CISSP, CISA, MCSE.

--

-----------------------------------------------------------------
            Brett's fourth law of UNIX administration...
     Want to go away for a weekend? Turn your pager off,
     no-one reads documentation if they can just call...
-----------------------------------------------------------------
Brett Geer - UNIX Admin/Analyst/Programmer - Intratex Holdings.
Tel. +27 31 717 4000 Direct. +27 31 717 4146
Fax. +27 31 717 4001
-----------------------------------------------------------------
       "I've got 'yer mission critical server right here..."
-----------------------------------------------------------------