| Subject | Re: Undocumented internal encrypt/decrypt in FB |
|---|---|
| Author | Adam |
| Post date | 2007-07-19T12:19:36Z |
--- In firebird-support@yahoogroups.com, "Andreas Pohl" <apohl@...> wrote:
database or the objects within. SYSDBA can backup the database. If the
user does not know the SYSDBA password, then that attack vector is
minimised (although there is only so much strength in an 8 character
password).
I was not talking about your encrypted sandboxed gbak. Have you
removed the networking code from your custom fbserver? If not, I can
use ProcessExplorer to see what TCP/IP ports you are listening to. I
can download the standard gbak from one of the download kits, and
backup the database through using your fbserver as the proxy. I can
bypass the service manager if you have set it up to only backup to
your sandbox or if you have set it up to encrypt the backup file.
Here is a test for you.
Go to www.firebirdsql.org and download one of the win32 zip kits. Take
a gbak out of there and attempt the backup.
I am not trying to circumvent your security, I just don't want you to
have any illusions about your security strength. As Geoff has
mentioned, most security experts would not even bother attempting to
break even the weakest of encryption techniques without trying to get
around it. A thief wouldn't bother breaking into a padlocked door if
there was an open window next to it.
Adam
>SYSDBA still exists though, and even if it is not the owner of the
> --- In firebird-support@yahoogroups.com, Alexandre Benson Smith
> <iblist@> wrote:
> > I am sorry, but I think you are wrong, or I missed something.
> >
> > gbak is a client app as any other.
> >
> > it asks fbserver that read the encrypted file, and send *unencrypted
> > data* to the client... if the server sends encrypted data to the
> client,
> > then client was unable to see anything useful.
>
> I use standard gbak to produce an encrypted db via restore from a
> decrypted backup file and vice versa. This is not only working in
> theorie...
>
> And as an additional approach there is an db owner <> sysdba with a
> password stored on the dongle. Nobody outside my environment knows a
> valid username/password combination (and within my app I use a
> two-phase-login with "silent login" of db owner first).. So, even if
> you have physical access to all areas of the pc with available dongle
> and with tools and knowledge of firebird security system you have to
> know db owner/user and valid password to produce a decrypted copy of db.
database or the objects within. SYSDBA can backup the database. If the
user does not know the SYSDBA password, then that attack vector is
minimised (although there is only so much strength in an 8 character
password).
I was not talking about your encrypted sandboxed gbak. Have you
removed the networking code from your custom fbserver? If not, I can
use ProcessExplorer to see what TCP/IP ports you are listening to. I
can download the standard gbak from one of the download kits, and
backup the database through using your fbserver as the proxy. I can
bypass the service manager if you have set it up to only backup to
your sandbox or if you have set it up to encrypt the backup file.
Here is a test for you.
Go to www.firebirdsql.org and download one of the win32 zip kits. Take
a gbak out of there and attempt the backup.
I am not trying to circumvent your security, I just don't want you to
have any illusions about your security strength. As Geoff has
mentioned, most security experts would not even bother attempting to
break even the weakest of encryption techniques without trying to get
around it. A thief wouldn't bother breaking into a padlocked door if
there was an open window next to it.
Adam