That's because code that hacks the server, developed by Jesse D'Aguanno, a consultant with Praetorian Global, is due for release next week. The hacking program is called BBProxy and can be installed on a Blackberry or sent as an email attachment to an unsuspecting user.
Once installed, BBProxy opens a back channel bypassing most organisations' gateway security mechanisms. That's because the data tunnel between the Blackberry and the server is encrypted, so regular intrusion detection systems typically won't detect the attack.
Secure Computing's Paul Henry says that any Internet-facing server like a Blackberry server should be isolated on its own DMZ (De-Militarised Zone) segment.
He also says that the mail server should not be permitted to open arbitrary connexions to the internal network or Internet. Nor should users be permitted to open such connexions.
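The check below is an added example, not code from the article or from Secure Computing: it evaluates a first-match firewall rule list against the two conditions Henry names and lists every flow the DMZ-hosted server could open beyond what it needs. The addresses, ports, rule format and function names are all constructed for illustration.

```python
import ipaddress

def decide(rules, src, dst, port):
    """First-match evaluation; a flow no rule matches is dropped (default deny)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if (s in ipaddress.ip_network(r["src"])
                and d in ipaddress.ip_network(r["dst"])
                and r["port"] in (None, port)):   # None means "any port"
            return r["action"]
    return "drop"

def audit(rules, dmz_host, required, probes):
    """Return probe flows the DMZ host may open that are not on the required list."""
    return [(dst, port) for dst, port in probes
            if (dst, port) not in required
            and decide(rules, dmz_host, dst, port) == "accept"]

# Constructed sample values (documentation and private address ranges).
DMZ_HOST = "192.0.2.10"        # hypothetical server on the DMZ segment
MAIL_RELAY = "10.0.5.20"       # hypothetical single internal host it must reach
REQUIRED = {(MAIL_RELAY, 25)}  # the only flow this example treats as needed
PROBES = [
    (MAIL_RELAY, 25),          # needed flow
    (MAIL_RELAY, 3389),        # same host, unneeded port
    ("10.0.9.9", 445),         # arbitrary internal host
    ("198.51.100.7", 443),     # arbitrary Internet host
]

# Weak: the DMZ segment may connect anywhere, so a back channel has a way out.
WEAK = [{"src": "192.0.2.0/28", "dst": "0.0.0.0/0", "port": None, "action": "accept"}]

# Tight: one named flow is allowed, everything else from the segment is dropped.
TIGHT = [
    {"src": DMZ_HOST + "/32", "dst": MAIL_RELAY + "/32", "port": 25, "action": "accept"},
    {"src": "192.0.2.0/28", "dst": "0.0.0.0/0", "port": None, "action": "drop"},
]

if __name__ == "__main__":
    for name, rules in (("weak", WEAK), ("tight", TIGHT)):
        print(name, audit(rules, DMZ_HOST, REQUIRED, PROBES))
```
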
The INQ suspects that Secure Computing just might know a thing or two about how to configure servers to take these measures into account. µ