Netware 4.x/5.x is a hell of alot harder to hack than NT when you are
talking out of the box. I have played with the aforeto mentioned tools,
and frankly they are not that great. I had the actual NDS files (which is
not likely for the any hacker to get a hold of) and I couldn't even get
it to extract accounts using pandora which is at the forefront of the
novell tools. Also, as John accurately points out, most of the Netware
hacks are for 3.x. Now, having said that, there are plenty of the stupid
things an admin can do to open up a Netware server and invite the cheeky
monkeys, but that is true with any OS.
Carric Dooley
COM2:Interactive Media
http://www.com2usa.com
On Tue, 20 Apr 1999, John Haines wrote:
> "Michael H. Warfield" wrote:
>
> > Snicker... I don't think so...
> >
> > I know of at least one "exploit" that let a user create a suid
> > root file for Unix on a Novel NFS server just by making it "read only".
> >
>
> I'm sure everyone can drag a lot of skeletons out of the closet regarding
> NetWare 3.x security. Big deal ! If you're still running 3.x, well, let's just
> say these things are no suprise. Would you expect an 8 year old version of Unix
> to be secure ? NFS is only as secure as the access you allow it to the UNIX
> volume - if I let you have write access to the root of my server, then I deserve
> what I get. Whether I get that access through NFS, NetWare NFS, TFTP - hardly
> matters...
>
> <snip>
>
> > Considering the insular, closed, proprietary
> > environment they are coming from, I don't really think they have much of
> > a security clue.
> >
>
> Hmmm... this would be opposed to a forward thinking, open, security concious
> company like, say, Microsoft ?
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
