Blackberry JAVA DEVELOPMENT ENVIRONMENT - - FUNDAMENTALS GUIDE Specifications, Page 26

Attack Surface Analysis of BlackBerry Devices
attacker may be able to obtain another BlackBerry SIM from the same network provider, which uses the
same BlackBerry APN. If the network provider does not sufficiently segment or filter user IP traffic, then this
second SIM could be used by the attacker in another device to connect to the TCP server socket on the
affected BlackBerry device.
Note that signed code can open TCP connections without the user being prompted, unless they have activated
the device firewall, in which case they will receive a prompt similar to that in Figure 13. See the
Mitigation Strategies section for more details.
Proxy/Firewall Bypass
A malicious application could connect to the attacker and then connect to services on the corporate network
via MDS. Note that if the MDS is run on the internal portion of the enterprise LAN, instead of in a
DMZ[12], then corporate firewalling will also be bypassed allowing data to flow between the general Internet
and services internal to the enterprise in question. This allows the attacker to utilize the BlackBerry as a TCP
proxy between herself and services normally not visible to those on the broader Internet. With the firewall
turned off and default application permissions, if the application is unsigned the user will be prompted to
allow network access using the standard dialog. However, if the application is disguised as an application
that requires network access, then they may not notice anything unusual. If the application is signed, then
it requires no user interaction, and can run silently.
8
Note that in a default BES deployment, the firewall is enabled, and the user will receive additional prompts
before connections are allowed, even for signed code.
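
A detection-side sketch for the relay pattern described above, added here as an example and not taken from the original paper: it flags devices whose connections to an Internet address and to an internal address overlap in time. The log layout, device PINs, addresses and internal ranges are constructed assumptions, not a real MDS log format.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime

# Constructed sample records (hypothetical CSV layout: device PIN, destination
# IP, destination port, connection open time, connection close time).
SAMPLE_FLOWS = """\
2100000A,203.0.113.50,4444,2024-01-10T09:00:00,2024-01-10T09:30:00
2100000A,10.1.2.15,445,2024-01-10T09:05:00,2024-01-10T09:20:00
2100000B,10.1.2.20,443,2024-01-10T09:00:00,2024-01-10T09:01:00
2100000B,198.51.100.7,80,2024-01-10T11:00:00,2024-01-10T11:02:00
2100000C,192.0.2.9,80,2024-01-10T12:00:00,2024-01-10T12:05:00
"""

# Assumed enterprise-internal ranges; replace with the real address plan.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)

def parse_flows(text):
    """Group (dst, port, start, end) tuples by device PIN."""
    flows = defaultdict(list)
    for line in text.strip().splitlines():
        device, dst, port, start, end = line.split(",")
        flows[device].append((dst, int(port), datetime.fromisoformat(start),
                              datetime.fromisoformat(end)))
    return flows

def find_relay_candidates(text):
    """Return {device: [(external_dst, internal_dst), ...]} for each pair of
    connections from one device that were open at the same time."""
    findings = {}
    for device, conns in parse_flows(text).items():
        external = [c for c in conns if not is_internal(c[0])]
        internal = [c for c in conns if is_internal(c[0])]
        pairs = [(e[0], i[0]) for e in external for i in internal
                 if e[2] < i[3] and i[2] < e[3]]  # time intervals overlap
        if pairs:
            findings[device] = pairs
    return findings

if __name__ == "__main__":
    for device, pairs in find_relay_candidates(SAMPLE_FLOWS).items():
        print(device, pairs)
```

An overlap is only a lead for review: a device that legitimately browses the Internet while syncing with an internal service produces the same pattern, so the result should be combined with the application inventory for that device.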
Figure 12: Unsigned application opening TCP socket
Figure 13: Signed application opening TCP socket when device firewall is enabled