NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA List Master
NRT-0427 BlackBerry Servers Ripe for the Hacking:
A penetration testing company has found that many companies running BlackBerry
Enterprise Server (BES) copuld be inadvertently opening a door to attackers. Penetration
testing consultancy NTA Monitor found that most of its customers running the BlackBerry
Server with Microsoft Exchange were taking the path of least resistance by opening
unencrypted ports from the heart of their network to service providers. The providers, in
turn, opened a return back to the BES that would pass through firewalls without any policies
being applied. This left the network open on several levels, including session hijacking, IP
spoofing, or just the interception of unencrypted traffic. A hacker could potentially use this
back channel to move around inside an organization undetected, removing confidential
information or installing malware on to the network according to NTA's technical director.
The company recommends implementing a BES in a demilitarized zone (DMZ), which would
isolate attacks against the server from the wider network. However, this added complexity,
and added complexity adds expense.
(TechWorld.com 10MAR08)