Network Security: Detailed info on Re: Arkeia Network Backup Client Remote Access

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Bugtraq

[Top] [All Lists]

Re: Arkeia Network Backup Client Remote Access

from [H D Moore] Network Security

[Permanent Link]

Subject:	Re: Arkeia Network Backup Client Remote Access
Date:	Mon, 21 Feb 2005 20:48:11 -0600

Just to clarify, the user manual *does* mention client security and gives 
instructions for locking down the Arkeia agent. Unfortunately this is not 
enabled by default and only restricts access on a per-host basis.

Appendix B: System Security (not sure how I missed this before)
ftp://ftp.arkeia.com/pub/manual/arkeia5/anb/Arkeia_User_Manual.pdf

-HD

On Sunday 20 February 2005 14:41, H D Moore wrote:

Anyone able to connect to TCP port 617 can gain read/write access to
the filesystem of any host running the Arkeia agent software.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Arkeia Network Backup Client Remote Access, H D Moore Re: Arkeia Network Backup Client Remote Access, Vincent Archer Re: Arkeia Network Backup Client Remote Access, H D Moore <= Re: Arkeia Network Backup Client Remote Access, Arnaud Spicht

Previous by Date:	iDEFENSE Security Advisory 02.22.05: phpBB Group phpBB Arbitrary File Disclosure Vulnerability, iDEFENSE Labs
Next by Date:	Re: Avaya IP Office Phone Manager - Sensitive Information Cleartext Vulnerability, grutz
Previous by Thread:	Re: Arkeia Network Backup Client Remote Access, Vincent Archer
Next by Thread:	Re: Arkeia Network Backup Client Remote Access, Arnaud Spicht
Indexes:	[Date] [Thread] [Top] [All Lists]