Networker
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Networker] auth error after upgrade to 7.4.2

2009-02-25 13:36:13
Subject: Re: [Networker] auth error after upgrade to 7.4.2
From: "Goslin, Paul" <pgoslin AT CINCOM DOT COM>
To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
Date: Wed, 25 Feb 2009 13:34:59 -0500 
Now that makes perfect sense...  

> -----Original Message-----
> From: EMC NetWorker discussion 
> [mailto:NETWORKER AT LISTSERV.TEMPLE DOT EDU] On Behalf Of Matthew Huff
> Sent: Wednesday, February 25, 2009 1:29 PM
> To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
> Subject: Re: [Networker] auth error after upgrade to 7.4.2
> 
> I'll hazard a guess that they added the strong authentication 
> not for backups, rather for restores. Being able to restore a 
> file could easily be used to assist in breaking into a 
> machine/network. I assume that if stronger authentication is 
> needed for restores, it would be rendered less useful if you 
> can't trust the same method for it to be used for backups. 
> For example, if I can impersonate a machine and have the 
> /etc/shadow file backed up, and then restore it to a 
> production server then I can break into it.
> 
> Some of these vulnerabilities they have fixed from 7.2 to 7.4 
> are based on actual security incidents. None of this is an 
> excuse for poor implementation, documentation, support, or 
> diagnostics.
> 
> ----
> Matthew Huff       | One Manhattanville Rd
> OTA Management LLC | Purchase, NY 10577
> http://www.ox.com  | Phone: 914-460-4039
> aim: matthewbhuff  | Fax:   914-460-4139
> 
> 
> 
> > -----Original Message-----
> > From: EMC NetWorker discussion 
> [mailto:NETWORKER AT LISTSERV.TEMPLE DOT EDU]
> > On Behalf Of Goslin, Paul
> > Sent: Wednesday, February 25, 2009 1:17 PM
> > To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
> > Subject: Re: [Networker] auth error after upgrade to 7.4.2
> >
> > Davina, Please excuse my ignorance ... WHY IS IT NECESSARY ?
> >
> > I understand why antivirus is needed, like a vaccination is 
> needed to 
> > keep things healthy and keep malicious software from infecting your 
> > machine.
> >
> > Exactly how is questioning something you don't comprehend 
> being naive ?
> >
> > I've been using/running Networker for about 10 years... 
> Long before it 
> > did any type of 'authentication' to the best of my knowledge ...
> > Since it's been introduced, I have only had problems with 
> it... And no 
> > one has pointed out the benefits or why it should be required to 
> > backup a client machine... If you go to all the effort of 
> installing 
> > Networker client package on the client, specifying the server (or 
> > servers) allowed to back it up, and then configure it on 
> the server to 
> > be backed up, please explain in detail how the extra step of 
> > Authenticating the client before backing it up is a benefit ?
> > Where is the value added in this extra step ?
> > I would be amazed to see someone trying to have a machine 
> masquerade 
> > as an existing client in order to get their data backed up for 
> > whatever reason.... Who would go to such effort ? Unless you have 
> > actually attempted or seen this ?
> >
> >
> > > -----Original Message-----
> > > From: Davina Treiber [mailto:Davina.Treiber AT PeeVRo.co DOT uk]
> > > Sent: Wednesday, February 25, 2009 12:59 PM
> > > To: EMC NetWorker discussion; Goslin, Paul
> > > Subject: Re: [Networker] auth error after upgrade to 7.4.2
> > >
> > > Goslin, Paul wrote:
> > >   (I fail to
> > > > understand why Networker needs to authenticate a client in the
> > first
> > > > place?)
> > >
> > > That's a rather naive comment. Of course it is necessary to 
> > > authenticate.
> > >
> > > It's a bit like saying that you fail to understand why it is 
> > > necessary to run anti-virus on a Windows system.
> > >
> >
> > To sign off this list, send email to 
> listserv AT listserv.temple DOT edu and 
> > type "signoff networker" in the body of the email. Please write to 
> > networker-request AT listserv.temple DOT edu if you have any problems with 
> > this list. You can access the archives at 
> > http://listserv.temple.edu/archives/networker.html or via RSS at 
> > http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
> 
> To sign off this list, send email to 
> listserv AT listserv.temple DOT edu and type "signoff networker" in 
> the body of the email. Please write to 
> networker-request AT listserv.temple DOT edu if you have any 
> problems with this list. You can access the archives at 
> http://listserv.temple.edu/archives/networker.html or via RSS 
> at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
> 

To sign off this list, send email to listserv AT listserv.temple DOT edu and 
type "signoff networker" in the body of the email. Please write to 
networker-request AT listserv.temple DOT edu if you have any problems with this 
list. You can access the archives at 
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Networker] auth error after upgrade to 7.4.2, Matthew Huff
Next by Date:  Re: [Networker] auth error after upgrade to 7.4.2, Teresa Biehler
Previous by Thread:  Re: [Networker] auth error after upgrade to 7.4.2, Matthew Huff
Next by Thread:  Re: [Networker] auth error after upgrade to 7.4.2, Teresa Biehler
Indexes:  [Date] [Thread] [Top] [All Lists]