Vulnerabilities in Novell Netware
Results 1 to 3 of 3

Thread: Vulnerabilities in Novell Netware

  1. #1
    Junior Member
    Join Date
    Mar 2002

    Vulnerabilities in Novell Netware

    Does anybody know of any I can't seem to find any?

  2. #2
    Join Date
    Apr 2002

    Quick check out the 11,200 hits for your question.
    America - Land of the free, home of the brave.

  3. #3
    Senior Member
    Join Date
    Jan 2002
    There have been some, but it's unlikely they're still present.

    Novell has a good security reputation mostly. Its main weaknesses stem from being based on DOS (or Windows) (Neither of which the server actually runs under)

    Things to watch out for normally:

    - Supervisor accounts running world writable binaries (duuh!)
    - Supervisor accounts logging into machines which may have keyloggers, fake login screens etc
    - People left logged in (yes it does still happen)

    - Supervisor accounts running backup jobs, printing bits etc

    - Fake file servers
    (A classic attack)
    - Creates a file server with the same name as a real one, clients are fooled into connecting to it and revealing at least some information about their password, hence dictionary attacks at least can be done.
    - Fake file servers may work better when the real one(s) are down - for instance they might be DOS'd so watch out.

    - Macs might have vulnerabilities which expose novell logins

    Novell has an advanced filesystem and the Bindery/NDS is a clever and complex directory - these facts make it easy to hide information in them, as not all things are obvious.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts