------=_Part_181_26386497.1122516085529
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
I believe it affects both Backup Exec, and several versions of NetBackup=20
Netware Media Server ....
http://www.securityfocus.com/bid/14019
=20
On 7/28/05, Charles Ballowe <cballowe AT gmail DOT com> wrote:=20
>=20
> I think the veritas flaw mentioned is the one in this article:
> http://www.technewsworld.com/rsstory/44353.html
>=20
> The flaw is in Backup Exec, not NetBackup.
>=20
> That doesn't mean NetBackup is completely in the clear - just that if
> there's a flaw it's not an exposed flaw.
>=20
> But -- you need to keep your media servers locked down pretty well.
> Consider the power of commands like bpinst and bpgp.
>=20
> -Charlie
>=20
> On 7/27/05, Grover,Samuel <Samuel.Grover AT cna DOT com> wrote:
> >
> > The corporate firewall keeps people out.. if someone gets in through th=
e
> > firewall on port 13782, I'd say my network security folks have a
> > problem.
> >
> > Sam Grover
> > CNA Financial
> >
> > -----Original Message-----
> > From: veritas-bu-admin AT mailman.eng.auburn DOT edu
> > [mailto:veritas-bu-admin AT mailman.eng.auburn DOT edu] On Behalf Of Ra pa
> > Sent: Wednesday, July 27, 2005 9:38 AM
> > To: veritas-bu AT mailman.eng.auburn DOT edu
> > Subject: [Veritas-bu] Important -About Veritas Netbackup Security???
> >
> >
> > I found this article on cnn technology.
> >
> > http://www.cnn.com/2005/TECH/internet/07/25/hackers.backup.software.reu=
t
> > /index.html
> >
> > Will you guys provide some of your thoughts about
> > securing netbackup environment, How to protect gaining
> > someone access from client port to master..etc
> >
> > Any input will be much appreciate
> >
> >
> > Thanks
> > =3Dkpr=3D
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Tired of spam? Yahoo! Mail has the best spam protection around
> > http://mail.yahoo.com
> > _______________________________________________
> > Veritas-bu maillist - Veritas-bu AT mailman.eng.auburn DOT edu
> > http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
> >
> > E-MAIL CONFIDENTIALITY NOTICE: The contents of this e-mail message and=
=20
> any attachments are intended solely for the
> > addressee(s) and may contain confidential and/or legally privileged=20
> information. If you are not the
> > intended recipient of this message or if this message has been addresse=
d=20
> to you in error, please
> > immediately alert the sender by reply e-mail and then delete this=20
> message and any attachments. If you
> > are not the intended recipient, you are notified that any use,=20
> dissemination, distribution, copying, or
> > storage of this message or any attachment is strictly prohibited.
> >
> > _______________________________________________
> > Veritas-bu maillist - Veritas-bu AT mailman.eng.auburn DOT edu
> > http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
> >
>=20
> _______________________________________________
> Veritas-bu maillist - Veritas-bu AT mailman.eng.auburn DOT edu
> http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
>
------=_Part_181_26386497.1122516085529
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
<div>I believe it affects both Backup Exec, and several versions of NetBack=
up Netware Media Server ....</div>
<div> </div>
<div><a href=3D"http://www.securityfocus.com/bid/14019">http://www.security=
focus.com/bid/14019</a></div>
<div> </div>
<div><br><br> </div>
<div><span class=3D"gmail_quote">On 7/28/05, <b class=3D"gmail_sendername">=
Charles Ballowe</b> <<a href=3D"mailto:cballowe AT gmail DOT
com">cballowe@gmai=
l.com</a>> wrote:</span>
<blockquote class=3D"gmail_quote" style=3D"PADDING-LEFT: 1ex; MARGIN: 0px 0=
px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">I think the veritas flaw mention=
ed is the one in this article:<br><a href=3D"http://www.technewsworld.com/r=
sstory/44353.html">
http://www.technewsworld.com/rsstory/44353.html</a><br><br>The flaw is in B=
ackup Exec, not NetBackup.<br><br>That doesn't mean NetBackup is completely=
in the clear - just that if<br>there's a flaw it's not an exposed flaw.
<br><br>But -- you need to keep your media servers locked down pretty well.=
<br>Consider the power of commands like bpinst and bpgp.<br><br>-Charlie<br=
><br>On 7/27/05, Grover,Samuel <<a href=3D"mailto:Samuel.Grover AT cna DOT
>com"=
>
Samuel.Grover AT cna DOT com</a>> wrote:<br>><br>> The corporate
firewall=
keeps people out.. if someone gets in through the<br>> firewall on port=
13782, I'd say my network security folks have a<br>> problem.<br>>
<br>> Sam Grover<br>> CNA Financial<br>><br>> -----Original Mes=
sage-----<br>> From: <a href=3D"mailto:veritas-bu-admin AT mailman.eng DOT
aubu=
rn.edu">veritas-bu-admin AT mailman.eng.auburn DOT edu</a><br>> [mailto:<a
href=
=3D"mailto:veritas-bu-admin AT mailman.eng.auburn DOT edu">
veritas-bu-admin AT mailman.eng.auburn DOT edu</a>] On Behalf Of Ra pa<br>>
Sen=
t: Wednesday, July 27, 2005 9:38 AM<br>> To: <a href=3D"mailto:veritas-b=
u AT mailman.eng.auburn DOT edu">veritas-bu AT mailman.eng.auburn DOT
edu</a><br>> Sub=
ject: [Veritas-bu] Important -About Veritas Netbackup Security???
<br>><br>><br>> I found this article on cnn technology.<br>><br=
>> <a href=3D"http://www.cnn.com/2005/TECH/internet/07/25/hackers.backup=
.software.reut">http://www.cnn.com/2005/TECH/internet/07/25/hackers.backup.=
software.reut
</a><br>> /index.html<br>><br>> Will you guys provide some of your=
thoughts about<br>> securing netbackup environment, How to protect gain=
ing<br>> someone access from client port to master..etc<br>><br>> =
Any input will be much appreciate
<br>><br>><br>> Thanks<br>> =3Dkpr=3D<br>><br>><br>> _=
_________________________________________________<br>> Do You Yahoo!?<br=
>> Tired of spam? Yahoo! Mail has the best spam protection ar=
ound<br>>=20
<a href=3D"http://mail.yahoo.com">http://mail.yahoo.com</a><br>> _______=
________________________________________<br>> Veritas-bu maillist &=
nbsp;- <a href=3D"mailto:Veritas-bu AT mailman.eng.auburn DOT
edu">Veri=
tas-bu AT mailman.eng.auburn DOT edu
</a><br>> <a href=3D"http://mailman.eng.auburn.edu/mailman/listinfo/veri=
tas-bu">http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu</a><br>&g=
t;<br>> E-MAIL CONFIDENTIALITY NOTICE: The contents of this e=
-mail message and any attachments are intended solely for the
<br>> addressee(s) and may contain confidential and/or legally privilege=
d information. If you are not the<br>> intended recipient of this messag=
e or if this message has been addressed to you in error, please<br>> imm=
ediately alert the sender by reply e-mail and then delete this message and =
any attachments. If you
<br>> are not the intended recipient, you are notified that any use, dis=
semination, distribution, copying, or<br>> storage of this message or an=
y attachment is strictly prohibited.<br>><br>> ______________________=
_________________________
<br>> Veritas-bu maillist - <a href=3D"mailto:Veri=
tas-bu AT mailman.eng.auburn DOT edu">Veritas-bu AT mailman.eng.auburn DOT
edu</a><br>>=
; <a href=3D"http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu">htt=
p://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
</a><br>><br><br>_______________________________________________<br>Veri=
tas-bu maillist - <a href=3D"mailto:Veritas-bu@mailma=
n.eng.auburn.edu">Veritas-bu AT mailman.eng.auburn DOT edu</a><br><a
href=3D"http:=
//mailman.eng.auburn.edu/mailman/listinfo/veritas-bu">
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu</a><br></blockquo=
te></div><br>
------=_Part_181_26386497.1122516085529--
|