A computer components & hardware forum. HardwareBanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » HardwareBanter forum » General Hardware & Peripherals » Storage & Hardrives
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

IBM DS4000 security issue when manager is compromised?



 
 
Thread Tools Display Modes
  #1  
Old February 15th 07, 03:26 PM posted to comp.arch.storage
IP21Haas
external usenet poster
 
Posts: 1
Default IBM DS4000 security issue when manager is compromised?

Is there a possibility when a Hacker takes control of the SAN manager,
that he reassigns LUN's of running systems, or that he disconnects
LUN's?
We want to install a DS4700 SAN system for some of our windows based
servers. Some servers will be on our normal LAN and some servers will
be on a secure (Process-control-Network) LAN. Managing the SAN will be
done from a console on our none-secure LAN. I was wondering how that
would jeopardize the data of our servers on the secure network.
Is it possible for a hacker (once he has taken over control of the
management console) to redirect the LUN's of our secure servers to
servers on our non-secure LAN, or is it possible to manipulate the SAN
in a way that data from the secure servers is also readable or
accessible for others?
Could he even break the LUN's link with running servers (for instance
just by shutting down the entire SAN)?

  #2  
Old February 16th 07, 03:49 PM posted to comp.arch.storage
Guy Dawson
external usenet poster
 
Posts: 24
Default IBM DS4000 security issue when manager is compromised?

IP21Haas wrote:
Is there a possibility when a Hacker takes control of the SAN manager,
that he reassigns LUN's of running systems, or that he disconnects
LUN's?


Why would they not be able to do this if they have access to
the SAN manager?

Any one who has management control of the SAN can manage the SAN

We want to install a DS4700 SAN system for some of our windows based
servers. Some servers will be on our normal LAN and some servers will
be on a secure (Process-control-Network) LAN. Managing the SAN will be
done from a console on our none-secure LAN. I was wondering how that
would jeopardize the data of our servers on the secure network.
Is it possible for a hacker (once he has taken over control of the
management console) to redirect the LUN's of our secure servers to
servers on our non-secure LAN, or is it possible to manipulate the SAN
in a way that data from the secure servers is also readable or
accessible for others?
Could he even break the LUN's link with running servers (for instance
just by shutting down the entire SAN)?


He's the SAN manager so could do all of the above...

Guy
-- --------------------------------------------------------------------
Guy Dawson I.T. Manager Crossflight Ltd

  #3  
Old February 22nd 07, 04:57 PM posted to comp.arch.storage
Raju Mahala
external usenet poster
 
Posts: 47
Default IBM DS4000 security issue when manager is compromised?

On Feb 15, 8:26 pm, "IP21Haas" wrote:
Is there a possibility when a Hacker takes control of the SAN manager,
that he reassigns LUN's of running systems, or that he disconnects
LUN's?
We want to install a DS4700 SAN system for some of our windows based
servers. Some servers will be on our normal LAN and some servers will
be on a secure (Process-control-Network) LAN. Managing the SAN will be
done from a console on our none-secure LAN. I was wondering how that
would jeopardize the data of our servers on the secure network.
Is it possible for a hacker (once he has taken over control of the
management console) to redirect the LUN's of our secure servers to
servers on our non-secure LAN, or is it possible to manipulate the SAN
in a way that data from the secure servers is also readable or
accessible for others?
Could he even break the LUN's link with running servers (for instance
just by shutting down the entire SAN)?


Its not clear what do you want to ask. If anybody has the superuser
privilege then he can do anything.
are you asking regarding password protection in SAN manager cleint ?
When you open storage manager client then it doesn't ask for password
but if you enable password then it will ask for password before every
activity through storage manager client. I hope during installation of
storage manager client it doesn't ask for passwod setup so by default
there is no password protection but you can implement.

-Raju

 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Is this the right site for DS4000 storage? Rob Storage (alternative) 1 July 4th 06 07:12 PM
BIOS Chip Compromised by Virus [email protected] General 2 October 5th 05 12:04 AM
SAN "quota manager" JP Storage & Hardrives 5 July 18th 05 11:36 PM
Strange Device Manager issue! John Smith Nvidia Videocards 1 August 15th 04 12:55 AM
NetApp Data Ontap 6.5 CIFS security issue Deadgame Storage & Hardrives 9 February 29th 04 08:57 PM


All times are GMT +1. The time now is 10:27 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Copyright 2004-2018 HardwareBanter.
The comments are property of their posters.