|
Re: [Networker] auth error after upgrade to 7.4.2
2009-02-25 13:30:56
I'll hazard a guess that they added the strong authentication not for backups,
rather for restores. Being able to restore a file could easily be used to
assist in breaking into a machine/network. I assume that if stronger
authentication is needed for restores, it would be rendered less useful if you
can't trust the same method for it to be used for backups. For example, if I
can impersonate a machine and have the /etc/shadow file backed up, and then
restore it to a production server then I can break into it.
Some of these vulnerabilities they have fixed from 7.2 to 7.4 are based on
actual security incidents. None of this is an excuse for poor implementation,
documentation, support, or diagnostics.
----
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
> -----Original Message-----
> From: EMC NetWorker discussion [mailto:NETWORKER AT LISTSERV.TEMPLE DOT EDU]
> On Behalf Of Goslin, Paul
> Sent: Wednesday, February 25, 2009 1:17 PM
> To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
> Subject: Re: [Networker] auth error after upgrade to 7.4.2
>
> Davina, Please excuse my ignorance ... WHY IS IT NECESSARY ?
>
> I understand why antivirus is needed, like a vaccination is needed to
> keep things healthy and keep malicious software from infecting your
> machine.
>
> Exactly how is questioning something you don't comprehend being naive ?
>
> I've been using/running Networker for about 10 years... Long before it
> did any type of 'authentication' to the best of my knowledge ...
> Since it's been introduced, I have only had problems with it... And no
> one has pointed out the benefits or why it should be required to backup
> a client machine... If you go to all the effort of installing Networker
> client package on the client, specifying the server (or servers)
> allowed
> to back it up, and then configure it on the server to be backed up,
> please explain in detail how the extra step of Authenticating the
> client
> before backing it up is a benefit ?
> Where is the value added in this extra step ?
> I would be amazed to see someone trying to have a machine masquerade as
> an existing client in order to get their data backed up for whatever
> reason.... Who would go to such effort ? Unless you have actually
> attempted or seen this ?
>
>
> > -----Original Message-----
> > From: Davina Treiber [mailto:Davina.Treiber AT PeeVRo.co DOT uk]
> > Sent: Wednesday, February 25, 2009 12:59 PM
> > To: EMC NetWorker discussion; Goslin, Paul
> > Subject: Re: [Networker] auth error after upgrade to 7.4.2
> >
> > Goslin, Paul wrote:
> > (I fail to
> > > understand why Networker needs to authenticate a client in the
> first
> > > place?)
> >
> > That's a rather naive comment. Of course it is necessary to
> > authenticate.
> >
> > It's a bit like saying that you fail to understand why it is
> > necessary to run anti-virus on a Windows system.
> >
>
> To sign off this list, send email to listserv AT listserv.temple DOT edu and
> type "signoff networker" in the body of the email. Please write to
> networker-request AT listserv.temple DOT edu if you have any problems with
> this list. You can access the archives at
> http://listserv.temple.edu/archives/networker.html or
> via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
To sign off this list, send email to listserv AT listserv.temple DOT edu and
type "signoff networker" in the body of the email. Please write to
networker-request AT listserv.temple DOT edu if you have any problems with this
list. You can access the archives at
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
|
|
|
