Author: Himanshu Dwivedi
ISBN: 0321349954
Storage Security Tools
Configuration Files
Storage Security Presentations
Book Updates
Book Reviews
Storage Security Advisiories
Storage Security in the News
NetApp.iSCSI.checker
Checks to see if the running version of Data ONTAP is vulnerable to the iSCSI authenication bypass issue
GrabiQNs
Grabs all the Initiator Node Names (IQNs) from a sniffed Ethereal session
iSCSIChecker
Checks to see if CHAP has been enabled on remote iSCSI devices
CIFSShareBF
Bruteforces CIFS shares protected only by a single password (no username)
NASanon
Determines if a NAS device running CIFS has enabled anonymous connections
CHAP Password Tester
An offline brute-forcer program for CHAP authenication
StorScan
A storage security port scanner for iSCSI SAN and NAS protocols
Disable.NTLM.inf
Disables NTLM hashes on Windows 2000/2003 machines
NoLMHash.reg
Disables LAN MAN hashes on Windows 2000/2003 machines
Storage Security Presentations:
Storage Security
Fibre Channel SAN security presentation delivered at BlackHat 2003
Insecure IP Storage
NAS (CIFS/NFS) security presentation delivered at BlackHat 2004
Insecure SCSI
iSCSI SAN security presentation delivered at BlackHat 2005
There are no updates to the book at this time.
SearchStorage.com's review of the book
ComputerWorld’s short review of the book
Selected Storage Security Advisiories:
08.15.2005 – VERITAS Backup Exec
http://www.techworld.com/opsys/news/index.cfm?NewsID=4215
10.25.2005 – Network Appliance
http://www.securitytracker.com/alerts/2005/Oct/1015103.html
Selected Storage Security News:
Storage data lost and/or compromised http://www.fortune.com/fortune/technology/articles/0,15114,1056163,00.html
Iron Moutain Loses Tapes
http://searchstorage.techtarget.com/originalContent/0,289142,sid5_gci1085051,00.html
Securing Storage was offically released on November 18th, 2005. The author can be contacted at securingstorage@gmail.com