Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion GroupsPC HardwareCPUMotherboardsVideo CardsStorageNetworkingPeripheralsBrand Name Systems
Related Topics
Video GamesWindowsMS Server ProductsMS OfficeMore Topics ...
Hardware Forum / Storage / General Topics / February 2007

Tip: Looking for answers? Try searching our database.

IBM DS4000 security issue when manager is compromised?

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
IP21Haas - 15 Feb 2007 15:26 GMT
Is there a possibility when a Hacker takes control of the SAN manager,
that he reassigns LUN's of running systems, or that he disconnects
LUN's?
We want to install a DS4700 SAN system for some of our windows based
servers. Some servers will be on our normal LAN and some servers will
be on a secure (Process-control-Network) LAN. Managing the SAN will be
done from a console on our none-secure LAN. I was wondering how that
would jeopardize the data of our servers on the secure network.
Is it possible for a hacker (once he has taken over control of the
management console) to redirect the LUN's of our secure servers to
servers on our non-secure LAN, or is it possible to manipulate the SAN
in a way that data from the secure servers is also readable or
accessible for others?
Could he even break the LUN's link with running servers (for instance
just by shutting down the entire SAN)?
Reply to this Message
Guy Dawson - 16 Feb 2007 15:49 GMT
> Is there a possibility when a Hacker takes control of the SAN manager,
> that he reassigns LUN's of running systems, or that he disconnects
> LUN's?

Why would they not be able to do this if they have access to
the SAN manager?

Any one who has management control of the SAN can manage the SAN

> We want to install a DS4700 SAN system for some of our windows based
> servers. Some servers will be on our normal LAN and some servers will
[quoted text clipped - 8 lines]
> Could he even break the LUN's link with running servers (for instance
> just by shutting down the entire SAN)?

He's the SAN manager so could do all of the above...

Guy
-- --------------------------------------------------------------------
Guy Dawson                    I.T. Manager              Crossflight Ltd
gnues@crossflight.co.uk
Reply to this Message
Raju Mahala - 22 Feb 2007 16:57 GMT
> Is there a possibility when a Hacker takes control of the SAN manager,
> that he reassigns LUN's of running systems, or that he disconnects
[quoted text clipped - 11 lines]
> Could he even break the LUN's link with running servers (for instance
> just by shutting down the entire SAN)?

Its not clear what do you want to ask. If anybody has the superuser
privilege then he can do anything.
are you asking regarding password protection in SAN manager cleint ?
When you open storage manager client then it doesn't ask for password
but if you enable password then it will ask for password before every
activity through storage manager client. I hope during installation of
storage manager client it doesn't ask for passwod setup so by default
there is no password protection but you can implement.

-Raju
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2010 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.