Slashdot Mirror

← Back to Stories (view on slashdot.org)

Arkeia Network Backup Agent Remote Access

Posted by timothy on from the security-is-for-dead-people dept.

hdm writes "The Metasploit Project has published a security analysis of the Arkeia Network Backup Client. Anyone able to connect to TCP port 617 can gain read/write access to the filesystem of any host running the Arkeia agent software. This appears to be an intentional design decision on the part of the Arkeia developers. A long-winded description of this issue, complete with screen shots, demonstration code, and packet captures can be found in the research article. Arkeia has been credited with being the first commercial backup product for the Linux platform."

2 of 168 comments (clear)

  1. from the arkeia site by Dr.Opveter · · Score: 5, Funny
    Arkeia.com

    I was looking for a Client-Server backup system that could offer me the possibility of backing up Unix/Linux and NT Servers on a single tape system.
    After long research my choice went to the Arkeia solution, because it has all the benefits I needed. Since then, it runs like a black box, without any need of additional Service.

    Tom Weber, IT Manager
    RTL TV (Europe)

    The backup system running like a black box might not be a good thing here eh?

    --
    Sample this!
  2. It may have been said before... by caluml · · Score: 5, Funny

    Well, let me be the first to say that I for one welcome our new nmap -sS -PS617 -iR 0 -p 617 -ing overlords.

    --
    Get your own free personal location tracker