[Veritas-bu] SYM06-024 question
2007-01-03 18:01:48
Subject: |
[Veritas-bu] SYM06-024 question |
From: |
dlowenst at mail.sdsu.edu (Dave Lowenstein) |
Date: |
Wed, 03 Jan 2007 15:01:48 -0800 |
I want to make sure I'm protected from this without having to go to the
trouble of implementing VXSS or doing a maintenance pack upgrade.
Can you help me decipher this part of the paragraph?
"All other daemons associated with Veritas NetBackup derive access
control from the NetBackup configuration which *denies* access by default.
Edit the configuration using "host properties" in the GUI to allow only
those hosts that require access to associated NetBackup services. Any
malicious user or attacker would have to have either authorized access
to or gain unauthorized access to one of the trusted-hosts to attempt
attacks against a targeted server."
what does that mean exactly? What am I checking in host properties in
the gui?
full paragraph follows for reference:
*Implement Trusted-Host access through configuration files*
Daemons associated with Veritas NetBackup services provide Trusted-Host
access through the appropriate configuration files. Some of the services
allow access by default while others deny access by default depending on
the functionality of the service. Customers should follow the
documentation provided for each service to ensure they have implemented
a trusted-host relationship appropriate for their network.
The vmd, oprd and robotic daemons derive access control from the vm.conf
file which allows access by default if there is no SERVER entry entered.
Using an appropriate text editor, configure vm.conf's
"SERVER=<hostname>" for allowed host entries. Once a "SERVER=<hostname>"
list is compiled, the associated daemons will ONLY trust and allow hosts
annotated in vm.conf. Any malicious user or attacker would have to have
either authorized access to or gain unauthorized access to one of the
trusted-hosts to attempt attacks against a targeted server.
All other daemons associated with Veritas NetBackup derive access
control from the NetBackup configuration which *denies* access by default.
Edit the configuration using "host properties" in the GUI to allow only
those hosts that require access to associated NetBackup services. Any
malicious user or attacker would have to have either authorized access
to or gain unauthorized access to one of the trusted-hosts to attempt
attacks against a targeted server.
|
<Prev in Thread] |
Current Thread |
[Next in Thread> |
- [Veritas-bu] SYM06-024 question,
Dave Lowenstein <=
|
|
|