I didn't see it mentioned yet, but there is also TSMtape and the older
adsmtape programs on sourceforge:
http://sourceforge.net/projects/tsmtape
Regards,
Shawn
________________________________________________
Shawn Drew
Internet
cpreston < at > GLASSHOUSE.COM
Sent by: ADSM-L < at > VM.MARIST.EDU
07/30/2008 05:42 PM
Please respond to
ADSM-L < at > VM.MARIST.EDU
To
ADSM-L
cc
Subject
Re: [ADSM-L] Question on tape format
The short answer is that unencrypted TSM tapes are totally readable by a
determined black hat. No, they can't be imported by another TSM server,
and no the format isn't published by IBM. But the format has been cracked
by at least two COMMERCIAL products:
www.indexengines.com
They sell an appliance that you can feed TSM/NBU/NW/ARCServe/BE tapes to.
Not only will they be read, it will generate a FULL TEXT searchable index
of the content on those tapes. (You'll be able to say "give me all the
emails/files with this word in them.)
All a blackhat needs to do is buy one of these boxes and the appropriate
tape drive and they've got your data.
www.sepaton.com
While this wouldn't be used to steal data, they the SEPATON VTL has also
cracked the format, as they use it to do their content-aware
deduplication. That wouldn't be possible if they hadn't already cracked
the format enough to pull it apart and look at the files inside it.
Finally, if these two companies could crack the format with NO HELP from
IBM, so could a determined black hat. Yes, it would take them a long
time, but it's within the realm of possibility.
All of the comments in the QuickFacts guide are also true. The are all
sorts of difficulties with reading tapes outside a backup product, and the
only true way to be sure of the security of your data is to encrypt it.
Curtis Preston | VP Data Protection
GlassHouse Technologies, Inc.
T: +1 760 710 2004 | C: +1 760 419 5838 | F: F: +1 760 710 2009
cpreston < at > glasshouse.com |
www.glasshouse.com
Infrastructure :: Optimized
-----Original Message-----
From: ADSM: Dist Stor Manager [mailto:ADSM-L < at > VM.MARIST.EDU] On Behalf Of
Cory Heikel
Sent: Wednesday, July 30, 2008 12:25 PM
To: ADSM-L < at > VM.MARIST.EDU
Subject: [ADSM-L] Question on tape format
I just talked with our Security Officer and was asked:
If our tapes are stolen while in transit, what data could be gotten off of
them?
Has anyone on the list ever tried reading a copypool tape outside of TSM?
If so, what was actually on it? I know the data is there, but does it
reference file or node names in any way? Is the data itself actually
readable?
Thanks,
cory
Cory Heikel
Tivoli Systems Administrator
Hershey Medical Center
(717) 531-7972
This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the system manager.
This message contains confidential information and is intended only for
the individual named. If you are not the named addressee you should not
disseminate, distribute or copy this e-mail.
This message and any attachments (the "message") is intended solely for
the addressees and is confidential. If you receive this message in error,
please delete it and immediately notify the sender. Any use not in accord
with its purpose, any dissemination or disclosure, either whole or partial,
is prohibited except formal approval. The internet can not guarantee the
integrity of this message. BNP PARIBAS (and its subsidiaries) shall (will)
not therefore be liable for the message if modified. Please note that certain
functions and services for BNP Paribas may be performed by BNP Paribas RCC, Inc.
