Vulnerability Development mailing list archives
Re: network appliance...
From: j.hall () F5 COM (John Hall)
Date: Wed, 12 Apr 2000 16:10:33 -0700
He's talking about the Network Appliance network attached disk array (read BIG RAID box with NFS/CIFS(netbios)/HTTP server or HTTP caching OS). I've had them at my last two jobs and loved them. They use a proprietary kernel based (I think) on vxworks, running on Pentium and Dec Alpha processors. There's no UNIX to exploit and if someone did get in, they'd probably gore the OS to do it which would be VERY noticable. I've seen no exploits against their disk servers with recent versions of the OS. Never ran nmap against them though. Never had time to really try to break one. The protocols are inherently insecure, so I wouldn't put any NFS or CIFS server on the Internet without some serious diligence. I do remember there have been some issues with their NetCache product (same hardware & OS but different application layer). Here's what I've got links for: http://packetstorm.securify.com/9904-exploits/netcache.snmp.public.txt Pine.LNX.4.21.0003300946230.25171-100000 () dione ids pl">http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-03-28&msg=Pine.LNX.4.21.0003300946230.25171-100000 () dione ids pl</A> Make sure you buy the support contract with the box, and keep it up. Their customer support is way better than "World Class" and is dirt cheap for the level of support you get. Network Appliance has the best customer support of ANY company I've done business with. JMH JT <jt () COVERTSYSTEMS COM> wrote:
has anyone heard of vulnerabilities in the Network Appliance base operating systems? they're the company that makes large filer head systems and my company is considering buying one. the operating system is unix or unix based but an nmap scan on known open ports in demonstration showed absolutely nothing - no operating systems id either. i was curious as to whether this is really as safe as it seems... thanks, jim tatman jtatman () leopard com
-- John Hall <j.hall () f5 com> F5 Networks, Inc. Senior Test Engineer 206-505-0800 Nemo me impune lacessit. [No one provokes me with impunity] -- Motto of the Crown of Scotland
Current thread:
- Re: network appliance..., (continued)
- Re: network appliance... nine (Apr 12)
- Re: network appliance... Todd Garrison (Apr 12)
- Re: network appliance... Dustin D. Trammell (Apr 12)
- Re: network appliance... Ryan Permeh (Apr 12)
- Re: network appliance... Jordan Ritter (Apr 12)
- Re: network appliance... Tom (Apr 12)
- Re: network appliance... Luiz Eduardo Gava (Apr 12)
- Re: network appliance... Lopez, Joe (Apr 12)
- Re: network appliance... Dom De Vitto (Apr 12)
- Re: network appliance... Hull, Dave (Apr 12)
- Re: network appliance... John Hall (Apr 12)
- Re: network appliance... Paul Taylor (Apr 12)
- Re: network appliance... Crother, Mark (Apr 12)
- Re: network appliance... Marc Slemko (Apr 13)
- Re: network appliance... Stuart Henderson (Apr 17)
- Re: network appliance... James Grinter (Apr 24)
- DOS on inetd w/ nmap Clifford, Shawn A (Apr 24)
- Re: DOS on inetd w/ nmap Roelof Temmingh (Apr 25)
- Re: DOS on inetd w/ nmap LaMont Jones (Apr 25)
- Re: DOS on inetd w/ nmap Richard Johnson (Apr 25)
- Info about Microsoft Exchange application protocol Bobby, Paul (Apr 24)
- Re: network appliance... Stuart Henderson (Apr 17)
- Re: network appliance... nine (Apr 12)