Now that makes perfect sense...
> -----Original Message-----
> From: EMC NetWorker discussion
> [mailto:NETWORKER AT LISTSERV.TEMPLE DOT EDU] On Behalf Of Matthew Huff
> Sent: Wednesday, February 25, 2009 1:29 PM
> To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
> Subject: Re: [Networker] auth error after upgrade to 7.4.2
>
> I'll hazard a guess that they added the strong authentication
> not for backups, rather for restores. Being able to restore a
> file could easily be used to assist in breaking into a
> machine/network. I assume that if stronger authentication is
> needed for restores, it would be rendered less useful if you
> can't trust the same method for it to be used for backups.
> For example, if I can impersonate a machine and have the
> /etc/shadow file backed up, and then restore it to a
> production server then I can break into it.
>
> Some of these vulnerabilities they have fixed from 7.2 to 7.4
> are based on actual security incidents. None of this is an
> excuse for poor implementation, documentation, support, or
> diagnostics.
>
> ----
> Matthew Huff | One Manhattanville Rd
> OTA Management LLC | Purchase, NY 10577
> http://www.ox.com | Phone: 914-460-4039
> aim: matthewbhuff | Fax: 914-460-4139
>
>
>
> > -----Original Message-----
> > From: EMC NetWorker discussion
> [mailto:NETWORKER AT LISTSERV.TEMPLE DOT EDU]
> > On Behalf Of Goslin, Paul
> > Sent: Wednesday, February 25, 2009 1:17 PM
> > To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
> > Subject: Re: [Networker] auth error after upgrade to 7.4.2
> >
> > Davina, Please excuse my ignorance ... WHY IS IT NECESSARY ?
> >
> > I understand why antivirus is needed, like a vaccination is
> needed to
> > keep things healthy and keep malicious software from infecting your
> > machine.
> >
> > Exactly how is questioning something you don't comprehend
> being naive ?
> >
> > I've been using/running Networker for about 10 years...
> Long before it
> > did any type of 'authentication' to the best of my knowledge ...
> > Since it's been introduced, I have only had problems with
> it... And no
> > one has pointed out the benefits or why it should be required to
> > backup a client machine... If you go to all the effort of
> installing
> > Networker client package on the client, specifying the server (or
> > servers) allowed to back it up, and then configure it on
> the server to
> > be backed up, please explain in detail how the extra step of
> > Authenticating the client before backing it up is a benefit ?
> > Where is the value added in this extra step ?
> > I would be amazed to see someone trying to have a machine
> masquerade
> > as an existing client in order to get their data backed up for
> > whatever reason.... Who would go to such effort ? Unless you have
> > actually attempted or seen this ?
> >
> >
> > > -----Original Message-----
> > > From: Davina Treiber [mailto:Davina.Treiber AT PeeVRo.co DOT uk]
> > > Sent: Wednesday, February 25, 2009 12:59 PM
> > > To: EMC NetWorker discussion; Goslin, Paul
> > > Subject: Re: [Networker] auth error after upgrade to 7.4.2
> > >
> > > Goslin, Paul wrote:
> > > (I fail to
> > > > understand why Networker needs to authenticate a client in the
> > first
> > > > place?)
> > >
> > > That's a rather naive comment. Of course it is necessary to
> > > authenticate.
> > >
> > > It's a bit like saying that you fail to understand why it is
> > > necessary to run anti-virus on a Windows system.
> > >
> >
> > To sign off this list, send email to
> listserv AT listserv.temple DOT edu and
> > type "signoff networker" in the body of the email. Please write to
> > networker-request AT listserv.temple DOT edu if you have any problems with
> > this list. You can access the archives at
> > http://listserv.temple.edu/archives/networker.html or via RSS at
> > http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
>
> To sign off this list, send email to
> listserv AT listserv.temple DOT edu and type "signoff networker" in
> the body of the email. Please write to
> networker-request AT listserv.temple DOT edu if you have any
> problems with this list. You can access the archives at
> http://listserv.temple.edu/archives/networker.html or via RSS
> at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
>
To sign off this list, send email to listserv AT listserv.temple DOT edu and
type "signoff networker" in the body of the email. Please write to
networker-request AT listserv.temple DOT edu if you have any problems with this
list. You can access the archives at
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
|