Easily Managing Rogue Forwarding Rules using Vertigo

We’ve all read about the latest security threat to GroupWise WebAccess. The Register reports:

"One vulnerability allows an attacker to forward all of a user's email simply by sending a specially crafted email, according to Adrian Pastor, an employee for ProCheckUp, a penetration testing firm based in London. The cross-site request forgery bug allows attackers to add new forwarding rules simply by tricking a user into opening the email, no clicking of links necessary."

Novell has provided hot patches for GroupWise 7 and GroupWise 8 quickly to solve this vulnerability. To be safe, you should make sure that you update your GroupWise system with the patches as soon as possible.

It is also important that you make sure that no information is leaking because of forwarding rules. After updating your GroupWise system with the latest hot patches, it is good practice to check all user rules to make sure that you don’t have any of these rogue rules in your system.
One way to do this is to block forward rules at the GWIA level. You may also monitor the GWIA logs, and if such a crafted rule in your system exists you need to shut it down and delete it.

If that sounds like too much work, GWAVA can make your life much easier with Vertigo. Vertigo lets you manage all mailboxes and rules from a single intuitive interface. Vertigo can save you a lot of time when GroupWise security issues arise.

View this Camtasia flash demo to see how easy it is to check all of your GroupWise rules per mailbox as well as for all mailboxes using Vertigo.

http://download.gwava.com/vertigo/camtasia/rules/Rules.html

Find out more about Vertigo at www.gwava.com