Penetration Testing mailing list archives
Re: Pen testing Fiber Channel
From: "Michael Weber" <mweber () alliednational com>
Date: Wed, 18 Jan 2006 12:37:29 -0600
I use FC here, and it's a very nice way to go if you have the $$$. Or, in some cases, $$$$$$$$$.

A FC primer. Look upon an FC array as a pair of disks housed in a cabinet. Each drive can talk to whatever computer it is assigned to. The computers can see however many drives the FC system presents to them. As far as the computers are concerned, they are simply SCSI drives.

So, to get at System B's data through System A, you would have to compromise two things. System A, and the FC system that gives access to the drives. If you can do that, you can simply tell the FC system to present System B's drives to System A as well. (Sharing drive space is a normal function of FC, that's how clustering works.)

The FC switches simply pass data between the different FC ports. Assuming that both System A and System B already have access to the FC system, there should not be any issues with the switches to concern yourself about.

If you are thinking about trying to go directly from System A to System B through the FC switch, it won't work since there is no FC subsystem on System B to talk to. It is possible to DOS the system that way, which is why FC fabric is almost always switched and not hubbed, but I don't think you can get to any data. Hmmm... I wonder if iSCSI is any different... But I digress.

Once you have told the FC subsystem to allow System A access to System B's drives, simply mount the new drives that just showed up from System A and hack away. Know, however, that if you write to the System B drives you have a VERY high possibility of bringing System B down in a hurry. Copying certain files to System A for analysis is possible, just tread lightly, have a good backup, make sure your liability insurance is paid up, etc.

-Michael
<pentesticle () yahoo com> 1/17/2006 2:06 PM >>>
Hello list... I'm performing my first pen-test on a network that uses fiber channel for their backup network. The network diagrams show fiber channel switches on the backside and nothing else to prevent access from one server to another on a different higher security network. Can anyone tell me if it is possible once I compromise one of the servers on the lower security network can I hop across the fiber channel to a server on the higher security network? If so how would I go about hopping over via the fiber? Thanks...
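The reply above turns on which drives the FC system presents to which host, so a review of that presentation table is the natural defensive check. The following is an added example, not part of the original thread: it audits a constructed LUN-masking export for drives presented across security tiers or shared outside an approved cluster. The host names, tiers, record layout and the `audit_masking` function are all hypothetical.

```python
from collections import defaultdict

# Constructed sample data (hypothetical names): which host each LUN is
# presented to, each host's security tier, and the clusters approved to
# share storage.
MASKING = [
    ("lun-01", "system-a"),
    ("lun-02", "system-b"),
    ("lun-03", "db-node-1"),
    ("lun-03", "db-node-2"),   # legitimate cluster sharing
    ("lun-02", "system-a"),    # System B's drive also presented to System A
]
HOST_TIER = {"system-a": "low", "system-b": "high",
             "db-node-1": "high", "db-node-2": "high"}
APPROVED_CLUSTERS = [{"db-node-1", "db-node-2"}]


def audit_masking(masking, host_tier, approved_clusters):
    """Return findings for LUNs whose presentation crosses a trust boundary."""
    hosts_by_lun = defaultdict(set)
    for lun, host in masking:
        hosts_by_lun[lun].add(host)

    findings = []
    for lun, hosts in sorted(hosts_by_lun.items()):
        if len(hosts) < 2:
            continue  # presented to a single host: nothing is shared
        # Hosts missing from the tier map count as their own "unknown" tier.
        tiers = {host_tier.get(h, "unknown") for h in hosts}
        if len(tiers) > 1:
            findings.append((lun, "cross-tier", sorted(hosts)))
        elif not any(hosts <= cluster for cluster in approved_clusters):
            findings.append((lun, "unapproved-share", sorted(hosts)))
    return findings


if __name__ == "__main__":
    for lun, kind, hosts in audit_masking(MASKING, HOST_TIER, APPROVED_CLUSTERS):
        print(f"{lun}: {kind} -> {', '.join(hosts)}")
```

Run against successive exports, the same check also surfaces a presentation that appears between two audits.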