RE: RVP (RezendeVous Protocol)

From: BUGTRAQ (ivan.buetlerat_private)
Date: Wed Jul 11 2001 - 22:34:06 PDT

    Hi there,
    We were involved in a Tibco installation. Tibco delivers its server farm
    with multihomed networked systems. The application services are only needed
    from the first interface, whereas synchronisation and data transfer between
    Tibco nodes are transferred by the broadcast protocol RendeVous on the second
    interface (something like a Tibco backbone).
    
    We recommended installing something like "Solaris IPFILTER" on the Tibco
    systems in order to prevent hackers on the Intra_NET from accessing Tibco's
    backbone network.
    
    In other words, Tibco presents a lot of services, visible on both network
    interfaces. If you spoof a Tibco node, you will be able to
    insert/fake/delete data in the message queue and therefore compromise data
    integrity. Especially because RendeVous uses UDP as well.
    
    Regards
    
    Ivan
    
    
    
    -----Original Message-----
    From: INA (V. Brahmanandam) [mailto:BrahmanandamVat_private]
    Sent: Wednesday, July 11, 2001 10:19 AM
    To: 'PEN-TESTat_private'
    Subject: RVP (RezendeVous Protocol)
    
    
    
    Hi all,
    
    Has anyone on this list reviewed the RezendeVous protocol and the security
    considerations relating to this protocol? I am on an assignment to review
    security implemented in a middleware product (TIBCO), which is using this
    protocol to communicate between various systems. I have been able to gather
    some information from http://www.psl.cs.columbia.edu/papers/rvp-dd.html,
    which does not appear to be fully current. I couldn't find any RFC on this.
    I would appreciate any help in this regard.
    
    Thanks and Regards.
    
    Brahma
    
    
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
    Service For more information on SecurityFocus' SIA service which
    automatically alerts you to the latest security vulnerabilities please see:
    https://alerts.securityfocus.com/
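
One way to audit the exposure described in the reply above and derive candidate IPFilter rules for it, as an added example that is not part of the original thread. The `netstat -an` sample is constructed, and the addresses, ports, allowlist and the `hme0` interface name are assumptions rather than values from the posts.

```python
import re

# Constructed sample of Solaris-style `netstat -an` output from a dual-homed
# node. Every address and port here is an assumption, not a value from the post.
SAMPLE_NETSTAT = """\
UDP: IPv4
   Local Address        Remote Address      State
-------------------- -------------------- -------
      *.7500                              Idle
192.168.50.11.7522                        Idle

TCP: IPv4
   Local Address        Remote Address    Swind Send-Q Rwind Recv-Q  State
-------------------- -------------------- ----- ------ ----- ------ -------
      *.7500               *.*                0      0 24576      0 LISTEN
10.1.1.11.8080             *.*                0      0 24576      0 LISTEN
192.168.50.11.7580         *.*                0      0 24576      0 LISTEN
10.1.1.11.8080       10.1.1.77.40112      8760      0 24820      0 ESTABLISHED
"""

SECTION = re.compile(r"^(UDP|TCP): IPv4")
LOCAL = re.compile(r"^\s*(\*|\d+\.\d+\.\d+\.\d+)\.(\d+)\s")

def exposed_listeners(netstat_text, front_ip, allowed):
    """Sockets reachable through the front interface (bound to it or to the
    wildcard address) that are not published application services."""
    proto, found = None, set()
    for line in netstat_text.splitlines():
        section = SECTION.match(line)
        if section:
            proto = section.group(1).lower()
            continue
        local = LOCAL.match(line)
        # Only unconnected UDP sockets ("Idle") and TCP listeners are of interest.
        if not local or proto is None or line.split()[-1] not in ("Idle", "LISTEN"):
            continue
        bind, port = local.group(1), int(local.group(2))
        if bind in ("*", front_ip) and (proto, port) not in allowed:
            found.add((proto, port, bind))
    return sorted(found)

def ipf_rules(findings, front_if):
    """Candidate IPFilter rules dropping the exposed ports on the front interface."""
    ports = sorted({(proto, port) for proto, port, _ in findings})
    return [f"block in log quick on {front_if} proto {proto} from any to any port = {port}"
            for proto, port in ports]

if __name__ == "__main__":
    findings = exposed_listeners(SAMPLE_NETSTAT, "10.1.1.11", {("tcp", 8080)})
    print("\n".join(ipf_rules(findings, "hme0")))  # hme0: assumed front interface
```

Sockets bound only to the backbone address are left alone; wildcard binds are flagged because they answer on both interfaces.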
    
    



    This archive was generated by hypermail 2b30 : Thu Jul 12 2001 - 12:08:32 PDT