On Thu, 20 Mar 2003, Geo. wrote: > [...] so I was wondering if anyone had ever researched how secure the > connection between a backup server and a machine running a backup > agent is. [...] Some superficial observation I made regarding two "enterprise" backup systems (I will call them A and B) a while ago: 1. Agent A: connection not encrypted, the agent insists on getting the root's password in plaintext (!) from the server. 2. Agent B: connection not encrypted, based on Sun RPC, using the weak Unix authentication perhaps "strengthened" with the check of the peer's IP address. --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation."
This archive was generated by hypermail 2b30 : Mon Mar 24 2003 - 14:58:42 PST