This is a multi-part message in MIME format.
------=_NextPart_000_001D_01C62B6C.0B6F8C80
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
We have a lot of root people at all our shops.. :-(
=20
Of course I got access to all the data that are controlled under =
netbackup,
and with that can cause great damage.
The question was more in terms of =93is it logged somewhere=94? I`am I =
really
safe if something happens and people know I got this =93feature=94? I =
cant
really proof that I did not use this command?
What about bpinst, that are a far more powerful utility that allow you =
to
execute scripts on any client server you which.
=20
When it comes to SLA`s our units agree to backups and controlled =
restores,
not to the possibility of undocumented programs that pretty much can do
anything anytime without any logging on there servers.=20
=20
=20
MVH / Hampus Lind
Rikspolisstyrelsen
National Police Board
Tel dir: +46 (0)8 - 401 99 43
Tel mob: +46 (0)70 - 217 92 66
E-mail: hampus.lind AT rps.police DOT se
-----Ursprungligt meddelande-----
Fr=E5n: veritas-bu-admin AT mailman.eng.auburn DOT edu
[mailto:veritas-bu-admin AT mailman.eng.auburn DOT edu] F=F6r Paul Keating
Skickat: den 6 februari 2006 20:58
Till: veritas-bu AT mailman.eng.auburn DOT edu
=C4mne: RE: [Veritas-bu] Unadvertised utility in Netbackup
=20
it's executable by root.
=20
keep unauthorized root out of your box...sleep well at night.
=20
yes, it's a security risk...yes, it can save your butt....yes, you can =
shoot
yourself in the foot with it...you can even blow your whole leg off.
=20
anything you can do with bpgp, you can do with a creative backup and
restore.
=20
Paul
-----Original Message-----
From: veritas-bu-admin AT mailman.eng.auburn DOT edu
[mailto:veritas-bu-admin AT mailman.eng.auburn DOT edu] On Behalf Of Hampus =
Lind
Sent: February 6, 2006 2:13 PM
To: veritas-bu AT mailman.eng.auburn DOT edu
Subject: [Veritas-bu] Unadvertised utility in Netbackup
Hi all,
=20
What are your comments to the bpgp utility, and others, in netbackup? I
understand that it sometimes are useful for backup admins, my self =
included.
But isen`t it also a great security risk? Does the use of this utility =
get
logged somewhere?=20
=20
Thanks and regards,
MVH / Hampus Lind
Rikspolisstyrelsen
National Police Board
Tel dir: +46 (0)8 - 401 99 43
Tel mob: +46 (0)70 - 217 92 66
E-mail: hampus.lind AT rps.police DOT se
=20
------=_NextPart_000_001D_01C62B6C.0B6F8C80
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<meta name=3DGenerator content=3D"Microsoft Word 10 (filtered)">
<title>Message</title>
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
span.e-postmall17
{font-family:Arial;
color:windowtext;}
span.E-postmall18
{font-family:Arial;
color:navy;}
@page Section1
{size:595.3pt 841.9pt;
margin:70.85pt 70.85pt 70.85pt 70.85pt;}
div.Section1
{page:Section1;}
-->
</style>
</head>
<body lang=3DSV link=3Dblue vlink=3Dpurple>
<div class=3DSection1>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
lang=3DEN-GB
style=3D'font-size:10.0pt;font-family:Arial;color:navy'>We have a lot of =
root people
at all our shops.. </span></font><font size=3D2 color=3Dnavy =
face=3DWingdings><span
lang=3DEN-GB =
style=3D'font-size:10.0pt;font-family:Wingdings;color:navy'>L</span></fon=
t></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
lang=3DEN-GB
style=3D'font-size:10.0pt;font-family:Arial;color:navy'> </span></fo=
nt></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
lang=3DEN-GB
style=3D'font-size:10.0pt;font-family:Arial;color:navy'>Of course I got =
access to
all the data that are controlled under netbackup, and with that can =
cause great
damage.</span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
lang=3DEN-GB
style=3D'font-size:10.0pt;font-family:Arial;color:navy'>The question was =
more in
terms of “is it logged somewhere”? I`am I really safe if =
something
happens and people know I got this “feature”? I cant really =
proof
that I did not use this command?</span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
lang=3DEN-GB
style=3D'font-size:10.0pt;font-family:Arial;color:navy'>What about =
bpinst, that are
a far more powerful utility that allow you to execute scripts on any =
client
server you which.</span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
lang=3DEN-GB
style=3D'font-size:10.0pt;font-family:Arial;color:navy'> </span></fo=
nt></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
lang=3DEN-GB
style=3D'font-size:10.0pt;font-family:Arial;color:navy'>When it comes to =
SLA`s
our units agree to backups and controlled restores, not to the =
possibility of
undocumented programs that pretty much can do anything anytime without =
any
logging on there servers. </span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
lang=3DEN-GB
style=3D'font-size:10.0pt;font-family:Arial;color:navy'> </span></fo=
nt></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
lang=3DEN-GB
style=3D'font-size:10.0pt;font-family:Arial;color:navy'> </span></fo=
nt></p>
<div>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
lang=3DEN-GB
style=3D'font-size:10.0pt;font-family:Arial;color:navy'>MVH / Hampus =
Lind<br>
Rikspolisstyrelsen<br>
National Police Board<br>
Tel dir: +46 (0)8 - 401 99 43<br>
Tel mob: +46 (0)70 - 217 92 66<br>
E-m</span></font><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'>ail: <a
href=3D"mailto:hampus.lind AT rps.police DOT se">hampus.lind AT rps.police DOT
se</a></=
span></font></p>
</div>
<p class=3DMsoNormal style=3D'margin-left:65.2pt'><font size=3D2 =
face=3DTahoma><span
style=3D'font-size:10.0pt;font-family:Tahoma'>-----Ursprungligt =
meddelande-----<br>
<b><span style=3D'font-weight:bold'>Från:</span></b>
veritas-bu-admin AT mailman.eng.auburn DOT edu
[mailto:veritas-bu-admin AT mailman.eng.auburn DOT edu] <b><span =
style=3D'font-weight:
bold'>För </span></b>Paul Keating<br>
<b><span style=3D'font-weight:bold'>Skickat:</span></b> den 6 februari =
2006 20:58<br>
<b><span style=3D'font-weight:bold'>Till:</span></b> </span></font><font =
size=3D2
face=3DTahoma><span =
style=3D'font-size:10.0pt;font-family:Tahoma'>veritas-bu AT mailman.eng DOT
aubu=
rn.edu</span></font><font
size=3D2 face=3DTahoma><span =
style=3D'font-size:10.0pt;font-family:Tahoma'><br>
<b><span style=3D'font-weight:bold'>Ämne:</span></b> RE: =
[Veritas-bu]
Unadvertised utility in Netbackup</span></font></p>
<p class=3DMsoNormal style=3D'margin-left:65.2pt'><font size=3D3
face=3D"Times New Roman"><span =
style=3D'font-size:12.0pt'> </span></font></p>
<div>
<p class=3DMsoNormal style=3D'margin-left:65.2pt'><font size=3D2 =
color=3Dmaroon
face=3DArial><span =
style=3D'font-size:10.0pt;font-family:Arial;color:maroon'>it's
executable by root.</span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:65.2pt'><font size=3D3
face=3D"Times New Roman"><span =
style=3D'font-size:12.0pt'> </span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:65.2pt'><font size=3D2 =
color=3Dmaroon
face=3DArial><span =
style=3D'font-size:10.0pt;font-family:Arial;color:maroon'>keep
unauthorized root out of your box...sleep well at =
night.</span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:65.2pt'><font size=3D3
face=3D"Times New Roman"><span =
style=3D'font-size:12.0pt'> </span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:65.2pt'><font size=3D2 =
color=3Dmaroon
face=3DArial><span =
style=3D'font-size:10.0pt;font-family:Arial;color:maroon'>yes,
it's a security risk...yes, it can save your butt....yes, you can shoot
yourself in the foot with it...you can even blow your whole leg =
off.</span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:65.2pt'><font size=3D3
face=3D"Times New Roman"><span =
style=3D'font-size:12.0pt'> </span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:65.2pt'><font size=3D2 =
color=3Dmaroon
face=3DArial><span =
style=3D'font-size:10.0pt;font-family:Arial;color:maroon'>anything
you can do with bpgp, you can do with a creative backup and =
restore.</span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:65.2pt'><font size=3D3
face=3D"Times New Roman"><span =
style=3D'font-size:12.0pt'> </span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:65.2pt'><font size=3D2 =
color=3Dmaroon
face=3DArial><span =
style=3D'font-size:10.0pt;font-family:Arial;color:maroon'>Paul</span></fo=
nt></p>
</div>
<blockquote style=3D'border:none;border-left:solid maroon =
1.5pt;padding:0cm 0cm 0cm 4.0pt;
margin-left:3.75pt;margin-top:5.0pt;margin-right:0cm;margin-bottom:5.0pt'=
>
<p class=3DMsoNormal =
style=3D'margin-right:0cm;margin-bottom:12.0pt;margin-left:
65.2pt'><font size=3D2 face=3DTahoma><span lang=3DEN-US =
style=3D'font-size:10.0pt;
font-family:Tahoma'>-----Original Message-----<br>
<b><span style=3D'font-weight:bold'>From:</span></b>
veritas-bu-admin AT mailman.eng.auburn DOT edu
[mailto:veritas-bu-admin AT mailman.eng.auburn DOT edu] <b><span =
style=3D'font-weight:
bold'>On Behalf Of </span></b>Hampus Lind<br>
<b><span style=3D'font-weight:bold'>Sent:</span></b> February 6, 2006 =
2:13 PM<br>
<b><span style=3D'font-weight:bold'>To:</span></b>
veritas-bu AT mailman.eng.auburn DOT edu<br>
<b><span style=3D'font-weight:bold'>Subject:</span></b> [Veritas-bu] =
Unadvertised
utility in Netbackup</span></font></p>
<p class=3DMsoNormal style=3D'margin-left:65.2pt'><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'>Hi all,</span></font></p>
<p class=3DMsoNormal style=3D'margin-left:65.2pt'><font size=3D3
face=3D"Times New Roman"><span =
style=3D'font-size:12.0pt'> </span></font></p>
<p class=3DMsoNormal style=3D'margin-left:65.2pt'><font size=3D2 =
face=3DArial><span
lang=3DEN-GB style=3D'font-size:10.0pt;font-family:Arial'>What are your =
comments to
the bpgp utility, and others, in netbackup? I understand that it =
sometimes are
useful for backup admins, my self included. But isen`t it also a great =
security
risk? Does the use of this utility get logged somewhere? =
</span></font></p>
<p class=3DMsoNormal style=3D'margin-left:65.2pt'><font size=3D3
face=3D"Times New Roman"><span =
style=3D'font-size:12.0pt'> </span></font></p>
<p class=3DMsoNormal style=3D'margin-left:65.2pt'><font size=3D2 =
face=3DArial><span
lang=3DEN-GB style=3D'font-size:10.0pt;font-family:Arial'>Thanks and =
regards,</span></font></p>
<p class=3DMsoNormal style=3D'margin-left:65.2pt'><font size=3D2 =
color=3Dnavy
face=3DArial><span lang=3DEN-GB =
style=3D'font-size:10.0pt;font-family:Arial;
color:navy'>MVH / Hampus Lind<br>
Rikspolisstyrelsen<br>
National Police Board<br>
Tel dir: +46 (0)8 - 401 99 4</span></font><font size=3D2 color=3Dnavy =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial;color:navy'>3<br>
Tel mob: +46 (0)70 - 217 92 66<br>
E-mail: <a =
href=3D"mailto:hampus.lind AT rps.police DOT se">hampus.lind AT rps.police DOT
se</a></=
span></font></p>
<p class=3DMsoNormal style=3D'margin-left:65.2pt'><font size=3D3
face=3D"Times New Roman"><span =
style=3D'font-size:12.0pt'> </span></font></p>
</blockquote>
</div>
</body>
</html>
------=_NextPart_000_001D_01C62B6C.0B6F8C80--
|