Results 1 to 6 of 6

Hi guys! Just thought you might want to check this out. BlackBerry Corporate Architecture The ... 3rd Party BlackBerry Software forum

  1. #1
    Dasher's Avatar
    Dasher no está en línea Stack level 3
    Join Date
    May 2007
    PIN/ID
    21F6D890
    Posts
    484

    Thumbs up SMOBILE Virusguard for BlackBerry v.5.0

    Advertisement



    Hi guys! Just thought you might want to check this out.


    BlackBerry Corporate Architecture

    The Blackberry is a mobile device that creates a direct connection to the corporate network. By doing so it becomes a virtual extension of the internal network, bypassing the corporate firewall.

    Typical BlackBerry Functionality:

    The Blackberry Enterprise Server (BES) creates an outbound persistent connection to the RIM network.
    The Blackberry device is then virtually connected to the internal network and will remain in an always on, always connected state.








    The Problem:

    In the Blackberry architecture only the security of the data on the handheld itself is considered, and not the impact of the handheld on the rest of the network. Since Blackberries are essentially computers with a constant connection to the corporate LAN, and not treated like other remote access applications, a vulnerability in the system is exposed. This vulnerability is now primed to be exploited by code like
    BBProxy.


    How It Works

    The BBProxy exploit is installed to the device as a Trojan posing as a legitimate application. While the application is running BBProxy runs in the background creating an outbound socket connection from the device to the attacker controlled host on the internet.
    From the attacker controlled host a subsequent socket connection is made to a second host which also includes internal hosts. The Blackberry then acts as a proxy for all data transferred between hosts.
    Now the attacker has the ability to directly communicate with any port on an internal host from
    an external host – Right through the Blackberry handheld.
    Once connected, the connection is available to any exploit within the corporate network.This leads to exploitation
    of vulnerable services found behind the corporate firewall.







    Here is the OTA link www.smobilesystems.com/mobile

  2. #2
    MWPatterson's Avatar
    MWPatterson no está en línea BES Pro
    Join Date
    Dec 2006
    PIN/ID
    Ask Plz
    Posts
    1,031

    Re: SMOBILE Virusguard for BlackBerry v.5.0

    Cool, thanks will read more about it.

  3. #3
    Dasher's Avatar
    Dasher no está en línea Stack level 3
    Join Date
    May 2007
    PIN/ID
    21F6D890
    Posts
    484

    Re: SMOBILE Virusguard for BlackBerry v.5.0

    You are welcome!
    A fool always finds a greater fool to admire him. Fools admire, but men of sense approve.

  4. #4
    flash24's Avatar
    flash24 no está en línea Device Pro
    Join Date
    Aug 2006
    PIN/ID
    3319688f
    Posts
    4,063

    Re: SMOBILE Virusguard for BlackBerry v.5.0

    Thanks for sharing!

  5. #5
    MrDavv's Avatar
    MrDavv no está en línea Stack level 2
    Join Date
    Dec 2006
    Posts
    55

    Re: SMOBILE Virusguard for BlackBerry v.5.0

    If you are a BES admin, it would be better to polish the skills with the IT Policy that is provided be RIM. This can lock down a BB device as needed easily. Also, for the BES server have some firewall enabled to restrict incoming and outgoing ports and destinations. Treat the BES as a public interface when designing your security model and you will be fine. I feel that software like this is unnecessary. The company is grasping at straws a marketing angle to induce fear, uncertainty and doubt. Read about the key points of the this software and ask yourself, "do I really need this? What is my risk?" Now read up on that BB IT Policy.

    Thanks for posting this topic as it can lead to good discussion.

  6. #6
    ArtLogan's Avatar
    ArtLogan no está en línea Stack level 1
    Join Date
    Dec 2007
    Posts
    1

    Re: SMOBILE Virusguard for BlackBerry v.5.0

    I installed the SMobile VirusGuard and it seems to run smoothly on the device, however, it does not seem to protect the device from anything beyond the conceptual BBProxy exploit, and I am not sure if it does that effectively.
    I contacted the people at Smobile, and they first confirmed that there seems to be a problem with the software. Then, they claimed that they were able to fix the problem and they could prove it on one of the devices, but they would not offer me any method of testing my device to confirm that the software is working. They have not responded to me since then.
    I have gone so far as to install the EICAR test string on the device, where it happily resides with no problem. The string is detected only if I plug my device into a machine running a different anti-virus product. I have visited infected web pages using the handheld browser with not so much as a PEEP from the VirusGuard software.

    I am not looking to trash Smobile systems. Rather, I am trying to see if perhaps I am testing it incorrectly, or if I have incorrect assumptions about how it should function.

    Any help or advice you can offer would be greatly appreciated.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •