|
Securing Storage
Author: Himanshu Dwivedi
ISBN: 0321349954
Storage Security Tools
Configuration Files
Storage Security Presentations
Book Updates
Book Reviews
Storage Security Advisiories
Storage Security in the News
Storage Security Tools:
NetApp.iSCSI.checker
Checks to see if the running version of Data ONTAP is vulnerable to the iSCSI authenication bypass issue
GrabiQNs
Grabs all the Initiator Node Names (IQNs) from a sniffed Ethereal session
iSCSIChecker
Checks to see if CHAP has been enabled on remote iSCSI devices
CIFSShareBF
Bruteforces CIFS shares protected only by a single password (no username)
NASanon
Determines if a NAS device running CIFS has enabled anonymous connections
CHAP Password Tester (CPT)
An offline brute-forcer program for CHAP authenication
StorScan
A storage security port scanner for iSCSI SAN and NAS protocols
Configuration Files:
Disable.NTLM.inf
Disables NTLM hashes on Windows 2000/2003 machines
NoLMHash.reg
Disables LAN MAN hashes on Windows 2000/2003 machines
Storage Security Presentations:
Storage Security
Fibre Channel SAN security presentation delivered at BlackHat 2003
Insecure IP Storage
NAS (CIFS/NFS) security presentation delivered at BlackHat 2004
Insecure SCSI (iSCSI)
iSCSI SAN security presentation delivered at BlackHat 2005
Book Updates:
There are no updates to the book at this time.
Book Reviews:
ComputerWorld’s short review of the book
SNIA’s Review of the book
Selected Storage Security Advisiories:
08.15.2005 – VERITAS Backup Exec
http://www.techworld.com/opsys/news/index.cfm?NewsID=4215
10.25.2005 – Network Appliance
http://www.securitytracker.com/alerts/2005/Oct/1015103.html
Selected Storage Security News:
Storage data lost and/or compromised http://www.fortune.com/fortune/technology/articles/0,15114,1056163,00.html
Iron Moutain Loses Tapes
http://searchstorage.techtarget.com/originalContent/0,289142,sid5_gci1085051,00.html
Securing Storage was offically released on November 18th, 2005. The author can be contacted at securingstorage@gmail.com
|
