X-MimeOLE: Produced By Microsoft Exchange V6.5
Received: by onstor-exch02.onstor.net 
	id <01C76CC6.054A45A6@onstor-exch02.onstor.net>; Thu, 22 Mar 2007 14:06:55 -0700
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----_=_NextPart_001_01C76CC6.054A45A6"
Content-class: urn:content-classes:message
Subject: root/admin login via fp-ports
Date: Thu, 22 Mar 2007 14:06:53 -0700
Message-ID: <BB375AF679D4A34E9CA8DFA650E2B04E02F12B6B@onstor-exch02.onstor.net>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: root/admin login via fp-ports
Thread-Index: AcdsxgQRMwTHQGNgQpK+6kdcdQp0zw==
From: "Steffen Thuemmel" <steffen.thuemmel@onstor.com>
To: "dl-se" <dl-se@onstor.com>,
	"dl-cstech" <dl-cstech@onstor.com>

This is a multi-part message in MIME format.

------_=_NextPart_001_01C76CC6.054A45A6
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

I found out today, it is possible to login as admin or root via a vsvr =
ip-address (configured on a fp port). The management ports and the fp =
port are on totally different ip segments.

Why don't we suppress this ?  Isn't that a security risk ? I was telling =
all my prospects that the sc and fp ports are totally separated.

=20

Thanks,

St.

=20

Steffen Thuemmel=20

Manager Systems Engineering CE

=20

telf.      +49 6102 884 84-0

mobil.     +49 173 673 3434

mail.       steffen.thuemmel@onstor.com

=20

ONStor GmbH

Schleussner Str. 42

D-63263 Neu-Isenburg

Germany

=20

HR-B: 42402 AG Offenbach am Main;=20

USt.-ID: DE 249 472 495

Gesch=E4ftsf=FChrer: Roland Voelskow

=20


------_=_NextPart_001_01C76CC6.054A45A6
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40">

<head>
<meta http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<meta name=3DGenerator content=3D"Microsoft Word 12 (filtered medium)">
<style>
<!--
 /* Font Definitions */
 @font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
 /* Style Definitions */
 p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0cm;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri","sans-serif";
	color:windowtext;}
.MsoChpDefault
	{mso-style-type:export-only;}
@page Section1
	{size:612.0pt 792.0pt;
	margin:70.85pt 70.85pt 2.0cm 70.85pt;}
div.Section1
	{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
 <o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
 <o:shapelayout v:ext=3D"edit">
  <o:idmap v:ext=3D"edit" data=3D"1" />
 </o:shapelayout></xml><![endif]-->
</head>

<body lang=3DDE link=3Dblue vlink=3Dpurple>

<div class=3DSection1>

<p class=3DMsoNormal><span lang=3DEN-US>I found out today, it is =
possible to login
as admin or root via a vsvr ip-address (configured on a fp port). The
management ports and the fp port are on totally different ip =
segments.<o:p></o:p></span></p>

<p class=3DMsoNormal><span lang=3DEN-US>Why don&#8217;t we suppress this =
? =A0Isn&#8217;t
that a security risk ? I was telling all my prospects that the sc and fp =
ports
are totally separated.<o:p></o:p></span></p>

<p class=3DMsoNormal><span lang=3DEN-US><o:p>&nbsp;</o:p></span></p>

<p class=3DMsoNormal><span lang=3DEN-US>Thanks,<o:p></o:p></span></p>

<p class=3DMsoNormal><span lang=3DEN-US>St.<o:p></o:p></span></p>

<p class=3DMsoNormal><span lang=3DEN-US><o:p>&nbsp;</o:p></span></p>

<p class=3DMsoNormal><b><span lang=3DEN-US =
style=3D'font-size:10.0pt'>Steffen
Thuemmel </span></b><b><span lang=3DEN-US =
style=3D'font-size:10.0pt;font-family:
"Times New Roman","serif"'><o:p></o:p></span></b></p>

<p class=3DMsoNormal><span lang=3DEN-US =
style=3D'font-size:10.0pt'>Manager Systems
Engineering CE</span><span lang=3DEN-US =
style=3D'font-size:12.0pt'><o:p></o:p></span></p>

<p class=3DMsoNormal><span lang=3DEN-US><o:p>&nbsp;</o:p></span></p>

<p class=3DMsoNormal><b><span lang=3DEN-US =
style=3D'font-size:8.0pt;font-family:"Tahoma","sans-serif"'>telf.</span><=
/b><b><span
lang=3DEN-US =
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;
</span></b><b><span lang=3DEN-US =
style=3D'font-size:7.5pt;font-family:"Tahoma","sans-serif"'>+49
6102 884 84-0</span></b><b><span lang=3DEN-US =
style=3D'font-size:8.0pt;font-family:
"Tahoma","sans-serif"'><o:p></o:p></span></b></p>

<p class=3DMsoNormal><b><span lang=3DEN-US =
style=3D'font-size:8.0pt;font-family:"Tahoma","sans-serif"'>mobil.
&nbsp;&nbsp;&nbsp; </span></b><b><span lang=3DEN-US =
style=3D'font-size:7.5pt;
font-family:"Tahoma","sans-serif"'>+49 173 673 =
3434<o:p></o:p></span></b></p>

<p class=3DMsoNormal><b><span lang=3DFR =
style=3D'font-size:8.0pt;font-family:"Tahoma","sans-serif"'>mail.&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;
<a =
href=3D"mailto:steffen.thuemmel@onstor.com">steffen.thuemmel@onstor.com</=
a></span></b><span
lang=3DEN-US style=3D'font-size:12.0pt;font-family:"Times New =
Roman","serif"'><o:p></o:p></span></p>

<p class=3DMsoNormal><span lang=3DEN-US>&nbsp;</span><b><span lang=3DFR
style=3D'font-size:8.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></=
span></b></p>

<p class=3DMsoNormal><b><span =
style=3D'font-size:8.0pt;font-family:"Tahoma","sans-serif";
color:#1F497D'>ONStor GmbH<o:p></o:p></span></b></p>

<p class=3DMsoNormal><span =
style=3D'font-size:8.0pt;font-family:"Tahoma","sans-serif"'>Schleussner
Str. 42<o:p></o:p></span></p>

<p class=3DMsoNormal><span =
style=3D'font-size:8.0pt;font-family:"Tahoma","sans-serif"'>D-63263
Neu-Isenburg<o:p></o:p></span></p>

<p class=3DMsoNormal><span =
style=3D'font-size:8.0pt;font-family:"Tahoma","sans-serif"'>Germany</span=
><span
style=3D'font-size:12.0pt;font-family:"Times New =
Roman","serif"'><o:p></o:p></span></p>

<p class=3DMsoNormal>&nbsp;<o:p></o:p></p>

<p class=3DMsoNormal><span =
style=3D'font-size:7.5pt;font-family:"Arial","sans-serif"'>HR-B:
42402 AG Offenbach am Main; <o:p></o:p></span></p>

<p class=3DMsoNormal><span =
style=3D'font-size:7.5pt;font-family:"Arial","sans-serif"'>USt.-ID:
DE 249 472 495<o:p></o:p></span></p>

<p class=3DMsoNormal><span =
style=3D'font-size:7.5pt;font-family:"Arial","sans-serif"'>Gesch=E4ftsf=FC=
hrer:
Roland Voelskow</span><span style=3D'font-size:12.0pt;font-family:"Times =
New Roman","serif"'><o:p></o:p></span></p>

<p class=3DMsoNormal><o:p>&nbsp;</o:p></p>

</div>

</body>

</html>

------_=_NextPart_001_01C76CC6.054A45A6--
