Dave, Rick, 

Interestingly, we briefly covered the way in which hackers operate, and that's 
frequently through the remote execution of code through buffer overflows. An 
assumption has been made that this is not so much of an issue with Remedy as 
it exists inside the corporate network, and on the long list of things that 
Mr. Bad Guy may wish to attack, Remedy is near the bottom. 

However, there is an increasing number of people who are running the Midtier 
live on the Internet. Hence, I wonder if BMC has actually done some serious 
security testing on both the Midtier and the AR System - in particular, for 
buffer overflows in the login parameters? I define serious as, "We took a 
bunch of well-respected C/Unix hackers and told them to start hacking". 

The problem doesn't stop at the AR System. How old are the LDAP libraries used 
by the AREA plugin? What other libraries are used by the AR System that have 
been perhaps overlooked? A buffer overflow could easily exist in some 
external library, but triggered through the use of the AR System (or any other 
product installed that makes use of the library).

While this is entirely speculative, the security of systems should always be 
taken seriously, and more often than not, it's not.

Although, if your aim is to simply extract data from Remedy (or any other 
username/password application), it's often easier to just guess the password.


John

Java System Solutions : http://www.javasystemsolutions.com

_______________________________________________________________________________
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the 
Answers Are"
