Security Best Practice: DRDA Compliant IBM DB2 Traffic Enforcement
| Check Point Reference: | SBP-2009-14 |
| Date Published: | |
| Preemptive Since: | |
| Severity: | |
| Source: | IPS Research Center |
| Protection Provided by: | Security Gateway |
Who is Vulnerable?
IBM DB2 users

Vulnerability Description
IBM DB2 Database is a relational database management system that consists of a set of services that work together to provide data processing functionalities. IBM DB2 protections use the Distributed Relational Database Architecture (DRDA) standard. A parsing error can be an indication of malicious traffic. If a parsing error occurs, other IBM DB2 protections might not be able to run.

Vulnerability Details
IPS is able to recognize an illegal IBM DB2 packet. This ability enables IPS to catch potentially harmful packets before they enter the network. Only legal IBM DB2 packets sent over TCP will be able to enter the network. All IBM DB2 client-to-server connections over TCP will be inspected to verify that every packet attempting to enter the network is legal (DRDA compliant).

Protection Overview
This protection enforces DRDA compliance, in terms of message length, on IBM DB2 client-to-server connections.
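To illustrate what a message-length check on DRDA traffic involves: each DRDA message is a DSS segment with a 6-byte header (2-byte length, magic byte 0xD0, format byte, 2-byte correlation ID) followed by a DDM object carrying its own 2-byte length and 2-byte code point. The sketch below is an added example, not Check Point's implementation; the function names, the particular checks, and the sample bytes are assumptions made for illustration, and it treats its input as a complete captured client-to-server stream.

```python
import struct

DSS_HEADER = struct.Struct(">HBBH")  # length, magic, format, correlation id
DDM_HEADER = struct.Struct(">HH")    # length, code point
DSS_MAGIC = 0xD0


def check_drda_lengths(stream: bytes) -> list:
    """Walk the DSS segments in `stream`; return (offset, problem) tuples."""
    problems, offset = [], 0
    while offset < len(stream):
        left = len(stream) - offset
        if left < DSS_HEADER.size:
            problems.append((offset, "truncated DSS header"))
            break
        dss_len, magic, _fmt, _corr = DSS_HEADER.unpack_from(stream, offset)
        if magic != DSS_MAGIC:
            problems.append((offset, "missing 0xD0 DSS magic byte"))
            break
        if dss_len & 0x8000:
            # High bit marks a continued (segmented) DSS: out of scope here.
            problems.append((offset, "continued DSS not handled"))
            break
        if dss_len < DSS_HEADER.size + DDM_HEADER.size:
            problems.append((offset, "DSS length too small for a DDM object"))
            break
        if dss_len > left:
            problems.append((offset, "DSS length exceeds bytes received"))
            break
        ddm_len, _cp = DDM_HEADER.unpack_from(stream, offset + DSS_HEADER.size)
        if not ddm_len & 0x8000:  # extended-length DDM objects are skipped
            if ddm_len < DDM_HEADER.size or ddm_len > dss_len - DSS_HEADER.size:
                problems.append((offset, "DDM length inconsistent with DSS length"))
                break
        offset += dss_len
    return problems


def build_dss(code_point: int, payload: bytes, corr: int = 1) -> bytes:
    """Construct one request DSS holding a single DDM object (test input)."""
    ddm = DDM_HEADER.pack(DDM_HEADER.size + len(payload), code_point) + payload
    return DSS_HEADER.pack(DSS_HEADER.size + len(ddm), DSS_MAGIC, 0x01, corr) + ddm


# Constructed samples: a well-formed EXCSAT (0x1041) request, and a copy whose
# DSS length field claims more bytes than are actually present.
GOOD = build_dss(0x1041, b"\x00" * 8)
BAD = b"\x02\x00" + GOOD[2:]
```

The walk stops at the first violation because a wrong length field makes every later offset unreliable, which is also why a parsing error can keep other protocol-level checks from running.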
To activate the protection, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab, and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.