Penetration Testing mailing list archives

Re: [PEN-TEST] Tandems ?

From: "Green, Neale S" <neale.green () EDS COM>
Date: Fri, 25 Aug 2000 14:28:20 +0930

You do need a technical background to do the job properly, but the key
points are;

The "god" user is 255,255, anything running under this ID has implicit
access to anything on the local system.

The equivalent of a UNIX SUID or AS/400 ADOPT AUTHORITY on the Tandem
Platform is PROGID, you can get a list of these with the DSAP $*, PROGID
command, any PROGIDs to 255,255 are dangerous and should have full
justification in place.

SPOOLCOM & PATHCOM may be used to add illicit services under the Userid that
the Spooler or Pathway is running under, no Spoolers or Pathways should be
running under 255,255.

Unless the systems are running the supplied SAFEGUARD Security system, the
security controls will be very basic and open to exploits.

The Tandem platform has is more open to IP based exploits than most
platforms utilising extensive IP communications, as the implementation was a
"drag & drop" exercise without the requisite controls being written into the
Operating System. IP controls need to be external ( Filtering Routers, or
Firewall ) This applies even in intranets.

Hope this is of use.

Neale Green

Neale Green

EDS Security - Asia Pacific
Phone: +61 2 93780225
Fax:     +61 2 93780940
Mobile: 0414 979 627


-----Original Message-----
From: Ong, Kevin [mailto:kong () STAR-SYSTEM COM]
Sent: Wednesday, August 23, 2000 11:24 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: [PEN-TEST] Tandems ?


I have encountered the same problem.  Other than the E&Y book, your other
option is to attend the Tandem training classes.  Check out
www.education.tandem.com/us <http://www.education.tandem.com/us>  for class
schedules. You can also call the Compaq Education and Training Center at
1-800-621-9198 for a training catalog. They have a class on Securing
Guardian Systems and Security for Auditors.  However, there are
pre-requisite classes leading to these two.  All the best.  Kevin.

        -----Original Message-----
        From:   Lodin, Steven {IT S~Indianapolis}
[SMTP:STEVEN.LODIN () ROCHE COM]
        Sent:   Tuesday, August 22, 2000 8:56 AM
        To:     PEN-TEST () SECURITYFOCUS COM
        Subject:        Re: Tandems ?



        > The question is, any one have/know of any tools or documentation
that
        > might help a person who needs to do any sort of security
        > audit of one of these?
        >

        E&Y has a good book on Tandems that might be useful in understanding
the system enough to test it.  Contact your local E&Y office to see if they
have a copy.  It's quite old and may not be available.

        Steve
        --
        Steve Lodin - CISSP
        Manager - IT Security
        Roche Diagnostics Corp
        <Steven.Lodin () roche com>
        317-845-2070

Current thread:

Re: [PEN-TEST] Tandems ? Marc Kneppers (Aug 22)
- <Possible follow-ups>
- Re: [PEN-TEST] Tandems ? Lodin, Steven {IT S~Indianapolis} (Aug 22)
- Re: [PEN-TEST] Tandems ? Heather Field (Aug 24)
- Re: [PEN-TEST] Tandems ? Ong, Kevin (Aug 24)
- Re: [PEN-TEST] Tandems ? Toolin, Colm (Aug 26)
- Re: [PEN-TEST] Tandems ? Green, Neale S (Aug 26)
- Re: [PEN-TEST] Tandems ? Green, Neale S (Aug 27)