That link refers to Backup/Archive client. I just sniffed both IE6 and ITSM-OR(5.2.2.0) Web-GUI login and both show the username and password!
>From my PC: POST /SignOnPost HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/msword, application/vnd.ms-powerpoint, application/x-shockwave-flash, */* Referer: http://01.01.01.01:1580/signon Accept-Language: en-us Content-Type: application/x-www-form-urlencoded Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: 01.01.01.01:1580 Content-Length: 40 Connection: Keep-Alive Cache-Control: no-cache %24PP1=LOGIN&USERID=salm&PASSWORD=ForMyEyesOnly I haven't checked the TSM Client, but now I don't believe that it sends the username/password. Generally, what Andy says it right! I'm ready to say that I was wrong for the Client, has anyone sniffed a client and would like to share that information? The Web-GUI does send the username and password in clear text. (Can this be changed?) Sal > -----Original Message----- > From: ADSM: Dist Stor Manager [mailto:[EMAIL PROTECTED] Behalf Of > Neil Rasmussen > Sent: Thursday, April 22, 2004 6:49 PM > To: [EMAIL PROTECTED] > Subject: Re: Firewall backups > > > I have no comment on the best method of firewall implementation. However, > I could not let the statement that TSM Sends it username/password as plain > text go by without comment. > > Neither the TSM Client nor the Web-GUI send the username/password in the > clear. I am not sure where this information came from but it just is not > true. Here is a post from about a year ago that explains how the password > is sent, the explanation goes for the Client as well as the Web-GUI: > > http://msgs.adsm.org/cgi-bin/get/adsm0302/707.html > > > Regards, > > Neil Rasmussen > Software Development > Data Protection for Oracle > [EMAIL PROTECTED] > > > > > Sal Mangiapane <[EMAIL PROTECTED]> > Sent by: "ADSM: Dist Stor Manager" <[EMAIL PROTECTED]> > 04/21/2004 08:06 PM > Please respond to > salm > > > To > [EMAIL PROTECTED] > cc > > Subject > Re: Firewall backups > > > > > > > We operate through firewalls differently: > > We have a small VPN device that we use to create an IPSec VPN tunnel and > only have entries in the firewall for this tunnel, then we > run all ITSM traffic through the tunnel. Makes for simpler firewall > settings and adds extra security because username/password is > sent as plain text by ITSM. > > You will also want to limit the Web-GUI client for security reasons too > (plain text -- too). > > I can provide more details, contact me directly: > > salm(at)vitalds(dot)com or 724-758-3981 > > Sal > Vital Data Systems > > > > -----Original Message----- > > From: ADSM: Dist Stor Manager [mailto:[EMAIL PROTECTED] Behalf Of > > Gill, Geoffrey L. > > Sent: Wednesday, April 21, 2004 6:43 PM > > To: [EMAIL PROTECTED] > > Subject: Firewall backups > > > > > > We're trying to get backups running outside a firewall and below are the > > results of a test. The network folks sent me this log to show the ports > > which communicating during backup. On the left is the server IP on the > right > > is the client IP. > > > > The client settings are below. The question is how to get all to > communicate > > on one specified port so they can tighten down acls. I've read the > write-up > > on this and thought everything was set properly but I must be missing > > something. If someone has advice it would be greatly appreciated. > > > > > > > > Thanks, > > > > > > > > COMMmethod TCPIP > > > > TCPServeraddress xxx.xxx.xxx.xxx > > > > TCPCLIENTADDRESS xxx.xxx.xxx.xxx > > > > WEBPORTS 1582,1583 > > > > TCPPort 1500 > > > > TCPCLIENTPORT 1501 > > > > HTTPPort 1581 > > > > > > > > Apr 20 17:04:50 PDT: list TSM-Filter permitted tcp > xxx.xxx.xxx.xxx(37317) -> > > xxx.xxx.xxx.xxx(1501), 1 packet > > > > Apr 20 17:04:51 PDT: list TSM-Filter permitted tcp xxx.xxx.xxx.xxx(1500) > -> > > xxx.xxx.xxx.xxx(2200), 1 packet > > > > Apr 20 17:05:04 PDT: list TSM-Filter denied tcp xxx.xxx.xxx.xxx(37316) > -> > > xxx.xxx.xxx.xxx(1501), 2 packets > > > > Apr 20 17:05:04 PDT: list TSM-Filter permitted tcp > xxx.xxx.xxx.xxx(37317) -> > > xxx.xxx.xxx.xxx(1501), 4 packets > > > > Apr 20 17:05:04 PDT: list TSM-Filter permitted tcp xxx.xxx.xxx.xxx(1500) > -> > > xxx.xxx.xxx.xxx(2200), 5648 packets > > > > Apr 20 17:05:21 PDT: list TSM-Filter permitted tcp > xxx.xxx.xxx.xxx(37318) -> > > xxx.xxx.xxx.xxx(1501), 1 packet > > > > Apr 20 17:05:51 PDT: list TSM-Filter permitted tcp > xxx.xxx.xxx.xxx(37319) -> > > xxx.xxx.xxx.xxx(1501), 1 packet > > > > Apr 20 17:06:21 PDT: list TSM-Filter permitted tcp > xxx.xxx.xxx.xxx(37320) -> > > xxx.xxx.xxx.xxx(1501), 1 packet > > > > Apr 20 17:06:51 PDT: list TSM-Filter permitted tcp > xxx.xxx.xxx.xxx(37321) -> > > xxx.xxx.xxx.xxx(1501), 1 packet > > > > Apr 20 17:07:21 PDT: list TSM-Filter permitted tcp > xxx.xxx.xxx.xxx(37322) -> > > xxx.xxx.xxx.xxx(1501), 1 packet > > > > Apr 20 17:07:51 PDT: list TSM-Filter permitted tcp > xxx.xxx.xxx.xxx(37323) -> > > xxx.xxx.xxx.xxx(1501), 1 packet > > > > Apr 20 17:08:21 PDT: list TSM-Filter permitted tcp > xxx.xxx.xxx.xxx(37324) -> > > xxx.xxx.xxx.xxx(1501), 1 packet > > > > Apr 20 17:08:51 PDT: list TSM-Filter permitted tcp > xxx.xxx.xxx.xxx(37325) -> > > xxx.xxx.xxx.xxx(1501), 1 packet > > > > Apr 20 17:09:21 PDT: list TSM-Filter permitted tcp > xxx.xxx.xxx.xxx(37326) -> > > xxx.xxx.xxx.xxx(1501), 1 packet > > > > Apr 20 17:09:51 PDT: list TSM-Filter permitted tcp > xxx.xxx.xxx.xxx(37327) -> > > xxx.xxx.xxx.xxx(1501), 1 packet > > > > Apr 20 17:10:06 PDT: list TSM-Filter permitted tcp xxx.xxx.xxx.xxx(1500) > -> > > xxx.xxx.xxx.xxx(2200), 61959 packets > > > > Apr 20 17:10:21 PDT: list TSM-Filter permitted tcp > xxx.xxx.xxx.xxx(37328) -> > > xxx.xxx.xxx.xxx(1501), 1 packet > > > > Apr 20 17:10:25 PDT: list TSM-Filter permitted tcp xxx.xxx.xxx.xxx(1500) > -> > > xxx.xxx.xxx.xxx(2235), 1 packet > > > > Apr 20 17:10:41 PDT: list TSM-Filter permitted tcp xxx.xxx.xxx.xxx(1500) > -> > > xxx.xxx.xxx.xxx(2235), 8 packets > > > > Apr 20 17:10:41 PDT: list TSM-Filter permitted tcp xxx.xxx.xxx.xxx(1500) > -> > > xxx.xxx.xxx.xxx(2200), 2586 packets > > > > > > > > Geoff Gill > > TSM Administrator > > NT Systems Support Engineer > > SAIC > > E-Mail: [EMAIL PROTECTED] > > Phone: (858) 826-4062 > > Pager: (877) 854-0975 > > >
