Hacking the SAN
Hacking the SAN means gaining unauthorized access to an entity or to data in a storage area network. The next three chapters discuss the following items.
- Session hijacking
- Man-in-the-Middle attacks
- Name server pollution
- WWN spoofing
- LUN masking attacks
- Zone hopping
- Switch attacks
Table 2.2 is a summary of the weaknesses that are discussed in the next three chapters and the attacks that correlate with them.

Table 2.2 SAN Security Weaknesses and Correlation SAN Attacks

| SAN weaknesses | SAN attacks |
| --- | --- |
| Sequence weaknesses | Session hijacking |
| Fabric address weaknesses | Man-in-the-Middle attacks |
| FLOGI/PLOGI weaknesses | Name server pollution |
| HBA weaknesses | LUN masking attacks/WWN spoofing |
| FC switch weaknesses | Zone hopping |
A key idea to introduce at this time, before we begin our discussion on SAN attacks, is the difference between a valid attack and a valid risk. In a given network, there are several hundred attacks that are fully possible to execute, but only a handful of them may actually pose a valid risk due to the nature of the network or the business. Hence, for each attack described in this section, a chart is used to describe how easy or difficult the execution of the attack will be, and its risk level also will be discussed. See Figure 2.4 for the example chart.
Figure 2.4 Security and business risk chart.
The primary purpose of the SBR chart is to place each threat described in some type of security risk context. This chapter covers many risks and threats in Fibre Channel SANs; some of the threats are easy to perform, but many are very difficult to execute because they require physical access to the network or a hardware analyzer for sniffing. Rather than simply skip the threats that are hard to perform in practice, the book uses the SBR chart to show the risk level of each attack appropriately after it has been described.
In Figure 2.4, notice that each area of the chart represents a different security and business risk value. Items in the upper-left corner are high security risk but low business risk. Risks in this area should be technically mitigated from a security perspective only, since the business risk is low. Items in the upper-right corner are high security risk and high business risk. Risks in this area should be resolved immediately, since they present both a high business and a high security risk. Conversely, items in the lower-left corner are low security risk and low business risk. Risks in this area can often be accepted (bearable), since the impact is relatively low. Finally, items in the lower-right corner are low security risk and high business risk. Risks in this area often need a process solution rather than a technical solution. The type of summary in the Security and Business Risk (SBR) chart will help readers understand what valid attacks are and the risks associated with them.
Now that we understand the architecture of Fibre Channel frames and the problems associated with clear-text communication, we will discuss the security weaknesses of Fibre Channel frames. The following list describes each weakness that we will discuss:
- Sequence weaknesses
- Address weaknesses
- Fabric, port, and node login weaknesses
- FLOGI, PLOGI, and address spoofing