Oops, I've Got A Flaming Hole in My Security - PowerPoint PPT Presentation

About This Presentation
Title:

Oops, I've Got A Flaming Hole in My Security

Description:

Oops, I've Got A Flaming Hole in My Security! Session 20080. Gregg Larkin, Praxair Inc ... JDE web server instructions cover the basic steps for installing Websphere ... – PowerPoint PPT presentation

Slides: 17
Provided by: nell5

Transcript and Presenter's Notes



1
Oops, I've Got A Flaming Hole in My Security!
Session 20080 Gregg Larkin, Praxair Inc
2
Agenda
  • Lurking Websphere security hole
  • Two methods to close the hole
  • Resources and whitepapers
Disclaimer
  • Commercial Free Presentation
  • Practical knowledge you can use today

3
The Flaming Hole
  • JDE web server instructions cover the basic steps
    for installing Websphere
  • Then move on to installing JDE Web application
  • This leaves Websphere Wide Open

4
Science Experiment
  • Open your local browser and type in
    http://yourservername:9060/ibm/console (Websphere
    6.x)
  • or http://yourservername:9090/admin (Websphere
    5.0.2.x).

5
Vulnerability?
  • Stop services
  • Start services
  • Change configurations
  • Delete applications
  • Install applications

6
Two Methods to close the Flaming Hole
  • Enable Global Security using LDAP
  • Enable Global Security using local OS

7
Global Security with LDAP
  • Back up security.xml
  • Open WAS, select Global Security
  • User registry: select LDAP

8
Global Security with LDAP
  • Details
  • Server User ID
  • Password
  • Type of LDAP server
  • Host
  • Port
  • Base DN
  • Bind Password

9
Global Security with LDAP
  • Navigate to Global Security. In active user
    registry, select Lightweight Directory Access
    Protocol
  • Restart Websphere
  • Gotcha: procedure only practical if you already
    have an LDAP server

10
Global Security with Windows
  • Add an administrator
  • Open Control Panel, associate new account with
    WAS

11
Global Security with Windows
  • Back up security.xml
  • Open WAS console, global security
  • Local OS under user registries
  • Add in the server ID

12
Global Security with Windows
  • Global Security Window
  • Enable global security
  • Do not check Enforce Java 2 security
  • CSI and SAS protocol
  • Simple Websphere Authentication Mechanism
  • Local OS user registry

13
Global Security Implemented
  • Restart Websphere
  • If you see this screen, you have closed the
    flaming hole
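
An added example, not part of the presentation: a Python check that reads a WebSphere security.xml (the file the slides say to back up) and reports whether global security is enabled and which user registry is active. The sample XML is constructed, the attribute names (enabled, activeUserRegistry, serverId) are assumed to follow the WAS 6.x file layout, and wasadmin is a hypothetical account name.

```python
import xml.etree.ElementTree as ET

XMI = "{http://www.omg.org/XMI}"  # namespace of the xmi:id / xmi:type attributes

# Constructed sample, trimmed to the attributes this check reads.
# Layout and attribute names are assumptions based on WAS 6.x.
SAMPLE_OPEN = """<security:Security xmi:version="2.0"
    xmlns:xmi="http://www.omg.org/XMI"
    xmlns:security="http://www.ibm.com/websphere/appserver/schemas/5.0/security.xmi"
    xmi:id="Security_1" enabled="false" enforceJava2Security="false"
    activeUserRegistry="LocalOSUserRegistry">
  <userRegistries xmi:type="security:LocalOSUserRegistry"
      xmi:id="LocalOSUserRegistry" serverId=""/>
  <userRegistries xmi:type="security:LDAPUserRegistry"
      xmi:id="LDAPUserRegistry_1" serverId="" type="IBM_DIRECTORY_SERVER"/>
</security:Security>
"""

# Same file after the "Global Security with Windows" steps (constructed).
SAMPLE_SECURED = (SAMPLE_OPEN
    .replace('enabled="false"', 'enabled="true"')
    .replace('xmi:id="LocalOSUserRegistry" serverId=""',
             'xmi:id="LocalOSUserRegistry" serverId="wasadmin"'))

def audit_security_xml(text):
    """Return the global-security state and a list of findings."""
    root = ET.fromstring(text)
    enabled = root.get("enabled", "false").lower() == "true"
    active_id = root.get("activeUserRegistry")
    registry, server_id = None, ""
    # Resolve the active registry reference to its definition.
    for reg in root.iter("userRegistries"):
        if reg.get(XMI + "id") == active_id:
            registry = reg.get(XMI + "type", "").split(":")[-1]
            server_id = reg.get("serverId", "")
    findings = []
    if not enabled:
        findings.append("global security disabled: admin console is open")
    if registry is None:
        findings.append("active user registry is not defined")
    elif not server_id:
        findings.append("no server ID set for " + registry)
    return {"enabled": enabled, "registry": registry, "findings": findings}

if __name__ == "__main__":
    for name, xml_text in (("open", SAMPLE_OPEN), ("secured", SAMPLE_SECURED)):
        print(name, audit_security_xml(xml_text))
```

Run it against a copy of security.xml rather than the live file.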

14
Resources
  • "Mr. Websphere Guy Presents: Ooops, I've Got a
    Flaming Hole in My Security", Gregg Larkin,
    JDEtips Journal, September/October 2006, Volume VII,
    Issue 5
  • Websphere Application Server V6 System
    Management and Configuration Handbook
  • Websphere Application Server V6 Security
    Handbook.
  • You can purchase hard cover editions of these
    books for around 110 and 55 respectively, or
    just grab the PDFs for free at
    http://ibm.com/redbooks.
  • "Mr. Websphere Guy Presents: Ooops, I've Got a
    Flaming Hole in My Security", Gregg Larkin, Quest
    QA, Spring 2007

15
Conclusion
  • Websphere Application server is a very complex
    application
  • When installed, it is wide open
  • Presented two methods to close it; there are other
    advanced options listed in the IBM security
    redbook
  • If you would like the article and the redbooks,
    leave a business card or email address
