Re: Pen testing Fiber Channel

From: Bojan Zdrnja (bojan.zdrnja@gmail.com)
Date: Wed Jan 18 2006 - 16:37:21 EST


On 17 Jan 2006 20:06:45 -0000, pentesticle@yahoo.com
<pentesticle@yahoo.com> wrote:
> Hello list...
>
> I'm performing my first pen-test on a network that uses fiber channel for their backup network. The network diagrams show fiber channel switches on the backside and nothing else to prevent access from one
> server to another on a different higher security network. Can anyone tell me if it is possible once I compromise one of the servers on the lower security network can I hop across the fiber channel to a server on the
> higher security network? If so how would I go about hopping over via the fiber?

Are you sure you are not talking about SAN here? If it's SAN then you
can't use it to do anything else but transfer data on it. You could
check one of the machines to see which LUNs (logical disks) are mapped
- there can be problems here if a SAN admin allowed access to more
LUNs than needed.

Other than that, SAN servers (backend servers) are usually on isolated
or private network, so you can check if you can reach them somehow
(you shouldn't be able to). They basically hold the "keys to kingdom"
as they can allow you to map LUNs to anything and then access the disk
from other servers, completely compromising the security.

Cheers,

Bojan

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:23 EDT