I am curious about doing some penetration testing on a site who has Tivoli installed on their Internet web servers. Based upon some IBM Redbook documentation on Tivoli, it looks like Tivoli requires many ports need to be opened, 94, 512 (exec), and all above 1024. If this is true and if I can take over one of their IIS servers, shouldn't I be able to use these Tivoli ports to take over any other server especially those Unix machines with exec running on them? I'm also curious about any vulnerabilities found in version 1.1 of CORBA because this technology is what Tivoli is built upon according to IBM's documents. Port 94 has something to do with these CORBA calls. From what the people at the site said, IBM's professional services configured Tivoli for them and explained that all of these ports were necessary to open for Tivoli to work. I just thought to myself that I'd never let anyone open all of those ports if it were my firewall. As always, much appreciation for any help and insight. Thanks Duct Tape ===== duc_ttapeat_private Duct Tape: I have a light side and a dark side, and I hold my universe together. __________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Sun Jul 29 2001 - 09:46:52 PDT