Security flaw with Powerchute Plus 4.2 and a fix

Aleph One (aleph1@DFW.NET)
Wed, 07 May 1997 11:32:46 -0500

From: Ken Sallot <KEN@CONDOR.CIRCA.UFL.EDU>
Date: Fri, 2 May 1997 09:14:40 -0700
Message-ID: <107BA2F140C@condor.circa.ufl.edu>
Newsgroups: bit.listserv.novell
MIME-Version: 1.0

Fellow Powerchute users,

Last week I discovered a major security flaw with APC's Powerchute
Plus v4.2 for Netware (a graceful shutdown software).

Due to the nature of the security flaw I will not go into the details
here, but let me just say it can cause a loss of service to your
users. Please do not email me for details on this matter as I've got a
busy work week ahead of me.

This flaw has been verified by several other people at the
University of Florida, and APC has been notified of it and is
working on a fix.

I've done some testing this morning, and I've found a solution that
works, but for some it may be giving up more than you want.

Powerchute broadcasts SAP type 37e, not 004, not 107, not 160.

Enabling a SAP filter on the outgoing IPX packets on each of your
file servers running powerchute of sap type 37e, and specifically
that file server, will prevent the flawed powerchute client from ever
finding the server. This is also a more secure way of preventing
people from attacking the server (if there is a filter only on the
subnet router, what is to prevent people on your subnet attacking
your server).

In Netware 4.1/4.11 this can be done easily enough. I am not
addressing Netware 3 because I do not work in a Netware 3 shop, but
I have it on good faith that it can be done if one reads the manual.

Make sure you have all of the Powerchute NLMs loaded.

Load INETCFG, enable filtering support under the IPX protocol
options menu.

Load FILTCFG, select IPX, select outgoing SAP filters, enable it,
action should be "Deny services in Filter List", then press
enter on the option "Filters".

Press insert to add a new filter,

Press insert on the option for the service name, when the scroller
comes up type "PC" which should bring you to the start of the
Powerchute SAPs, find your file server name in there and press enter.

Go to "Service Type", press enter. Enter "37e" (the powerchute SAP
type). Press Enter.

Go to the comment field and write some derogatory remark about how
Powerchute security must have been designed by the engineers at
Microsoft (or whatever you like).

Press F10 to save the entry. Press escape and yes until you're back
at the console prompt.

Now, very important, type "REINITIALIZE SYSTEM". No connections should
be lost, but the filtering will go in effect.

Sit back, wait two minutes, load up the powerchute windows client and
see if your server shows up. If it doesn't, you did good.

Powerchute will still function in its capacity to do a graceful
shutdown. However, it will not work in its capacity to be remotely
managed. If you can live with this, then you may use this workaround.

Good luck,

Ken Sallot
CIRCA, The University of Florida
352-392-2007
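The outgoing SAP filter the post configures through FILTCFG, modelled at packet level as an added example (this is not part of Ken Sallot's post and not APC or Novell code). The IPX header and SAP entry layouts are the standard Novell ones (30-byte IPX header, 2-byte SAP operation, 64-byte entries on socket 0452h); the server name FS1, the network and node addresses and the socket numbers are constructed sample data, and the deny list matches an entry by service name and service type, the way the post's FILTCFG entry (file server name plus type 37e) does.

```python
"""Packet-level model of an outgoing SAP filter of the kind the post sets up.

Added example, not code from the post. IPX/SAP layouts are the standard
Novell ones; all names and addresses below are constructed sample data.
"""
import struct

IPX_HDR = struct.Struct(">HHBB4s6sH4s6sH")   # 30-byte IPX header
SAP_ENTRY = struct.Struct(">H48s4s6sHH")     # 64 bytes per advertised service
SAP_SOCKET = 0x0452                          # SAP well-known socket
SAP_GENERAL_QUERY = 1
SAP_GENERAL_RESPONSE = 2
SAP_NEAREST_RESPONSE = 4
FILE_SERVER_TYPE = 0x0004                    # NetWare file server
POWERCHUTE_TYPE = 0x037E                     # the SAP type named in the post


def build_sap_packet(operation, entries, src_net=b"\x00\x00\x00\x01",
                     src_node=b"\x00\x00\x1b\x00\x00\x01"):
    """Encode SAP entries inside an IPX broadcast to socket 0452h."""
    body = struct.pack(">H", operation)
    for e in entries:
        body += SAP_ENTRY.pack(e["type"], e["name"].encode("ascii"),
                               e["net"], e["node"], e["socket"], e["hops"])
    length = IPX_HDR.size + len(body)        # IPX length covers the header too
    header = IPX_HDR.pack(0xFFFF, length, 0, 4,          # no checksum, 0 hops, PEP
                          b"\x00\x00\x00\x00", b"\xff" * 6, SAP_SOCKET,
                          src_net, src_node, SAP_SOCKET)
    return header + body


def parse_sap_packet(packet):
    """Decode an IPX/SAP packet into (operation, list of entry dicts)."""
    if len(packet) < IPX_HDR.size + 2:
        raise ValueError("too short for IPX header plus SAP operation")
    fields = IPX_HDR.unpack_from(packet)
    length, dst_socket = fields[1], fields[6]
    if dst_socket != SAP_SOCKET:
        raise ValueError("destination socket is not SAP (0452h)")
    if length > len(packet):
        raise ValueError("IPX length field exceeds buffer")
    body = packet[IPX_HDR.size:length]
    (operation,) = struct.unpack_from(">H", body)
    entries = []
    offset = 2
    while offset + SAP_ENTRY.size <= len(body):
        stype, name, net, node, socket, hops = SAP_ENTRY.unpack_from(body, offset)
        entries.append({"type": stype,
                        "name": name.rstrip(b"\x00").decode("ascii", "replace"),
                        "net": net, "node": node, "socket": socket, "hops": hops})
        offset += SAP_ENTRY.size
    return operation, entries


def filter_outgoing_sap(packet, deny_list):
    """Model of FILTCFG 'Deny services in Filter List' on an outgoing SAP packet.

    deny_list is a set of (service_name, service_type). Matching entries are
    dropped; the packet is re-encoded, or None is returned if nothing is left.
    """
    operation, entries = parse_sap_packet(packet)
    if operation not in (SAP_GENERAL_RESPONSE, SAP_NEAREST_RESPONSE):
        return packet                        # queries advertise nothing; pass through
    kept = [e for e in entries if (e["name"], e["type"]) not in deny_list]
    if len(kept) == len(entries):
        return packet
    if not kept:
        return None                          # whole advertisement suppressed
    src_net, src_node = IPX_HDR.unpack_from(packet)[7:9]
    return build_sap_packet(operation, kept, src_net, src_node)


# Constructed sample: one server advertising itself as a file server (0004h)
# and advertising its PowerChute service (037Eh) under the same name.
SAMPLE_NET = b"\x00\x00\x00\x01"
SAMPLE_NODE = b"\x00\x00\x1b\x00\x00\x01"
SAMPLE_ENTRIES = [
    {"type": FILE_SERVER_TYPE, "name": "FS1", "net": SAMPLE_NET,
     "node": SAMPLE_NODE, "socket": 0x0451, "hops": 1},
    {"type": POWERCHUTE_TYPE, "name": "FS1", "net": SAMPLE_NET,
     "node": SAMPLE_NODE, "socket": 0x4000, "hops": 1},
]


def advertised_services(packet):
    """(name, type) pairs a packet still advertises; [] for a suppressed packet."""
    if packet is None:
        return []
    return [(e["name"], e["type"]) for e in parse_sap_packet(packet)[1]]


def demo():
    """Apply the post's filter (this server's name, type 37e) to the sample."""
    original = build_sap_packet(SAP_GENERAL_RESPONSE, SAMPLE_ENTRIES,
                                SAMPLE_NET, SAMPLE_NODE)
    filtered = filter_outgoing_sap(original, {("FS1", POWERCHUTE_TYPE)})
    return advertised_services(original), advertised_services(filtered)


if __name__ == "__main__":
    before, after = demo()
    print("before:", [(n, hex(t)) for n, t in before])
    print("after: ", [(n, hex(t)) for n, t in after])
```

The deny list is keyed on name and type together, so the server's own 0004h file-server advertisement under the same name is still sent while its 037Eh entry is not; that is the trade-off the post describes, with graceful shutdown intact and only remote management lost. Running the filter on the server itself, rather than on the subnet router, is what stops a client on the same segment from ever learning the service.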