Penetration Testing mailing list archives

RE: RVP (RezendeVous Protocol)


From: "BUGTRAQ" <ivan.buetler () csnc ch>
Date: Thu, 12 Jul 2001 07:34:06 +0200

Hi there,
We were involved in a Tibco installation. Tibco delivers its server farm
with multihomed networked systems. The application services are only needed
from the first interface, where synchronisation and data transfer between
Tibco nodes are transferred by the broadcast protocol RendeVous on the second
interface (something like a Tibco backbone).

We recommended installing something like "Solaris IPFILTER" on the Tibco
systems in order to prevent hackers on the Intra_NET from accessing Tibco's
backbone network.

In other words, Tibco presents a lot of services, visible on both network
interfaces. If you spoof a Tibco node, you will be able to
insert/fake/delete data in the message queue and therefore compromise data
integrity. Especially because RendeVous uses UDP as well.

Regards

Ivan



-----Original Message-----
From: INA (V. Brahmanandam) [mailto:BrahmanandamV () emiratesbank com]
Sent: Wednesday, July 11, 2001 10:19 AM
To: 'PEN-TEST () SECURITYFOCUS COM'
Subject: RVP (RezendeVous Protocol)



Hi all,

Has anyone on this list reviewed the RezendeVous protocol and the security
considerations relating to this protocol? I am on an assignment to review
security implemented in a middleware product (TIBCO), which is using this
protocol to communicate between various systems. I have been able to gather
some information from: http://www.psl.cs.columbia.edu/papers/rvp-dd.html,
which does not appear to be fully current. I couldn't find any RFC on this.
I would appreciate any help in this regard.

Thanks and Regards.

Brahma



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
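
Added example, not part of the original posts or of any Tibco material: a sketch of the kind of IPFilter ruleset the reply recommends for a multihomed node, keeping backbone traffic off the intranet interface. The interface names (hme0, hme1), the backbone subnet 192.168.50.0/24 and port 7500 as the Rendezvous service port are all assumptions made for illustration.

```conf
# ipf.conf for one multihomed Tibco node (constructed example).
# Assumed: hme0 = intranet interface (application services only)
#          hme1 = Tibco backbone interface, subnet 192.168.50.0/24
#          7500 = Rendezvous service port (assumed; use the site's value)

# Intranet side: drop packets that claim a backbone source address.
block in log quick on hme0 from 192.168.50.0/24 to any

# Intranet side: no Rendezvous traffic is accepted on this interface.
block in log quick on hme0 proto tcp/udp from any to any port = 7500

# Backbone side: accept Rendezvous only from the backbone subnet
# (the subnet broadcast address falls inside this range).
pass in quick on hme1 proto udp from 192.168.50.0/24 to any port = 7500
pass in quick on hme1 proto tcp from 192.168.50.0/24 to any port = 7500 flags S keep state

# Backbone side: everything else is dropped and logged.
block in log quick on hme1 all
```

Rules like these only separate the two interfaces. A host already attached to the backbone segment can still forge a node's source address over UDP, so the backbone network itself has to be restricted to the Tibco nodes.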

