I've mentioned this before in great detail so I'll try to keep it
short here.... I'm not sure about the hows & whys BUT ADSM is doing
more than we think... (and maybe more than IBM knows) security wise...

In early rollout & testing I had a Netframe node running NetWare 4.x
with 2 FDDI cards. Naturally these two cards had two different IP
addresses... only one IP address had an associated name in the name
server and was for user access to the box... the other was on a
different subnet and mainly for backups (and faster access from a
different area/campus/office/location than where the machine was
located)... ANYWAY, whatever we did in setting things up caused the
server to know the node by the general public DNS entry name and IP
address, but the ADSM code on the box would go out the 2nd, less known
card... when the first scheduled event kicked off it contacted the
node, initial communications were performed and then the server
REJECTED the connection... (over and over again). As weird as this
sounds, ALL I DID WAS DISCONNECT THE 10BaseT LINE that was used mainly
for DNS access, and ADSM accepted the connection. I never have gone
back to investigate things and never heard back anything from this
list or IBM when I told the initial story, but ADSM is doing some
remembering, checking, and rechecking...

I'm just guessing that there is not much in the way of documentation
because they don't want anyone hacking through what they do have for
security.... I've had one other server act this way and to fix it I
just deleted the entry and re-added it... then when the initial contact
was made by the client everything worked out on the server... heck,
maybe it does something with the SR# in the communication card and if
it changes it double checks/alternately checks IP addresses against
name entries.

I DON'T KNOW... and never heard anything back when I was trying to
find out.... all I know is GOOD LUCK getting info out of a server if
you haven't given another node (like the server) access to your
files... well, wait, I take that back... I believe it could perform
some operations but could not create any new backups... I guess
protecting from other nodes trying to roll off good backups...

GOD my brain isn't ready for this much thought process today....
later
Dwight
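Editor's added illustration of the multi-homed case Dwight describes. This is not ADSM code and not a description of what the ADSM server actually does (the post itself says the mechanism is unknown); it models one plausible check a backup server could perform, namely comparing the client's connecting address against the DNS name the node was registered under, and shows why a client whose backup interface has no DNS name fails it and why registering that address clears it. The host name netframe.example.edu, the addresses, the routing table and the DNS records are all constructed for the example.

```python
"""
Added illustration (not ADSM code, and not a description of what ADSM
actually does): a model of one way a backup server could reject a
multi-homed client whose connection arrives from an interface that has
no DNS name, plus the source-address selection that sends the client out
that interface in the first place. Host names, addresses, routes and DNS
records below are all constructed for the example.
"""
import ipaddress

# Constructed DNS data. The node was registered with the server under the
# name of its user-facing interface; the backup interface has no A or PTR
# record at all.
FORWARD = {"netframe.example.edu": {"192.0.2.10"}}       # A records
REVERSE = {"192.0.2.10": "netframe.example.edu"}          # PTR records

# Constructed routing table for the client: (destination network, interface
# address used as the source). The backup server sits on the FDDI subnet, so
# traffic to it leaves via the interface that has no name.
ROUTES = [
    ("192.0.2.0/24", "192.0.2.10"),        # user-facing interface (named)
    ("198.51.100.0/24", "198.51.100.10"),  # backup interface (unnamed)
    ("0.0.0.0/0", "192.0.2.10"),           # default route via user-facing
]


def choose_source_ip(dest_ip, routes=ROUTES):
    """Longest-prefix match: the source address the client will use for dest_ip."""
    dest = ipaddress.ip_address(dest_ip)
    best_net, best_src = None, None
    for net, src in routes:
        network = ipaddress.ip_network(net)
        if dest in network and (best_net is None or network.prefixlen > best_net.prefixlen):
            best_net, best_src = network, src
    if best_src is None:
        raise ValueError(f"no route to {dest_ip}")
    return best_src


def check_client(registered_name, client_ip, forward=FORWARD, reverse=REVERSE):
    """
    Hypothetical server-side check: accept the node only if the connecting
    address belongs to the name it was registered under, verified either
    directly (A record) or by forward-confirmed reverse DNS (PTR, then A).
    Returns (accepted, reason).
    """
    ip = str(ipaddress.ip_address(client_ip))  # validates and normalises
    if ip in forward.get(registered_name, set()):
        return True, "source address is an A record of the registered name"
    ptr_name = reverse.get(ip)
    if ptr_name is None:
        return False, f"no PTR record for {ip}"
    if ptr_name != registered_name:
        return False, f"{ip} reverse-resolves to {ptr_name}, not {registered_name}"
    if ip not in forward.get(ptr_name, set()):
        return False, f"PTR name {ptr_name} does not forward-resolve to {ip}"
    return True, "forward-confirmed reverse DNS matches registered name"


def register_interface(name, ip, forward=FORWARD, reverse=REVERSE):
    """Remedy: give the backup interface A and PTR records under the node's
    name. Returns new (forward, reverse) tables; the module-level ones are
    left untouched."""
    fwd = {k: set(v) for k, v in forward.items()}
    rev = dict(reverse)
    fwd.setdefault(name, set()).add(ip)
    rev[ip] = name
    return fwd, rev


def scenario(server_ip="198.51.100.50"):
    """Walk through the mismatch and the fix; returns (source, before, after)."""
    src = choose_source_ip(server_ip)                   # leaves via the FDDI card
    before = check_client("netframe.example.edu", src)  # rejected: no PTR
    fwd, rev = register_interface("netframe.example.edu", src)
    after = check_client("netframe.example.edu", src, fwd, rev)  # accepted
    return src, before, after


if __name__ == "__main__":
    src, before, after = scenario()
    print(f"client source address toward the server: {src}")
    print(f"before registering it: {before}")
    print(f"after registering it:  {after}")
```

Run it as a script to see the three steps. The point of the model is the diagnosis: on a host with several interfaces, the address the server sees is chosen by the client's routing table, not by whichever name the administrator registered, so any check that ties a node to its DNS name has to be told about every address the node can connect from.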
______________________________ Reply Separator _________________________________
Subject: Re: Why does dsm think I am root?
Author: ADSM-L (ADSM-L AT VM.MARIST DOT EDU) at unix,mime
Date: 1/2/97 10:21 AM
Andy Raibeck wrote:
>
> I agree that it is not clear at all that you can use the SERVERNAME
> option to point to the same ADSM server, but with different settings
> (like NODENAME). And in general, the security issues associated with
> the ADSM UNIX clients need to be documented better, too. I will look
> into this.
The security issues raised by ADSM go beyond client operations as such.
There are a variety of concerns about hostile parties eavesdropping on
data in transit, altering data in transit, posing as a server to trick
client software into taking inappropriate actions, or posing as a client
to trick server software into taking inappropriate actions. I don't
think our ADSM installation could pass any sort of serious security
audit. I don't know whether its inability to pass such an audit is a
result of inadequate security or adequate but undocumented security.
The one piece of relevant information I have is not encouraging: IBM
doesn't think the matter important enough to warrant any discussion in
the ADSM manuals.