Re: Question on iSCSI security

To: wrstuden@wasabisystems.com
Subject: Re: Question on iSCSI security
From: Caitlin Bestler <cait@asomi.com>
Date: Thu, 12 Jun 2003 15:26:58 -0500
Cc: "Williams, Jim" <Jim.Williams@Emulex.com>, "'ips@ece.cmu.edu'" <ips@ece.cmu.edu>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; Charset=US-ASCII
Delivered-To: ips@ece.cmu.edu
In-Reply-To: <Pine.NEB.4.53.0306122005210.668@neverwinter.home-net.icnt.net>
Sender: owner-ips@ece.cmu.edu

On 6/12/03, wrstuden@wasabisystems.com wrote:

>As I understand your scenario, target C will see initiator
>A logging in from B's IP address. There is no way that
>iSCSI will see the connection as coming from anywhere
>other than B's IP. So you can close this by limiting A's
>auths to only be valid from its IP addresses.

And if A has to use an alternate path through another NIC?
Or if A's address is assigned by DHCP?

At the minimum, such a solution should be aware of ALL
valid addresses for that A might use.

Caitlin Bestler
http://asomi.com/CaitlinBestler/

References:
- Re: Question on iSCSI security
  - From: wrstuden@wasabisystems.com

Prev by Date: Re: Question on iSCSI security
Next by Date: Re: Question on iSCSI security
Prev by thread: Re: Question on iSCSI security
Next by thread: Re: Question on iSCSI security
Index(es):
- Date
- Thread

Home

Last updated: Thu Jun 12 18:19:20 2003
12635 messages in chronological order