Re: Backups through a firewall
2002-05-22 16:09:16
Subject: |
Re: Backups through a firewall |
From: |
Zlatko Krastev <acit AT ATTGLOBAL DOT NET> |
Date: |
Wed, 22 May 2002 23:07:16 +0300 |
They do not know it but can attack through vocabulary exhaustion - result
could be lock of the admin/node or break in (depending of invalid password
limit).
Same as if you can limit which systems can telnet/ftp to a server and
other cannot using tcp_wrapper or IP filtering. But for TSM both
approaches cannot work - there is no way to distinguish them.
I also revoke all privileges from SERVER_CONSOLE admin and delete default
node CLIENT.
Zlatko Krastev
IT Consultant
Please respond to "ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>
Sent by: "ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>
To: ADSM-L AT VM.MARIST DOT EDU
cc:
Subject: Re: Backups through a firewall
Providing they know the admin userid and password. Admin sessions don't
use
the PASSWORDACCESS GENERATE. A good reason to either lock, delete or
change
the default ADMIN/ADMIN userid in TSM.
|
|
|