Novell hacking

[nihil]

dinowuff

"Did some consulting a while back.
Consoleone 1.3.6
ZenWorks ?.?.?
AD"

WTF are you saying................care to elaborate in English?

[dinowuff]

Nihil:

In short, I had the pleasure of working with Consoleone 1.3.6, installed on a network hodpodge consiting of Novel, Unix and Windows, spending many days and nights reading and googling.

Most everything I learned about Consoleone and what others said about it at the time..

I have heard that there are problems with Consoleone 1.3.6 and NN 6.5 SP2...............but only if you are running Zenworks 4.1.............and that isn't an exploit, it just doesn't bloody work!

Brought back memories.

In the end the network was "Usable"

[nihil]

Hey!

That is excellent! I was talking to a pal a couple or three weeks ago and he was bemoaning his problems................me, I haven't done any of that Novell stuff since around 3.something...............at least 5 years.

What were the problems..........in plain English again my mate is even thicker than I am

He has 6.5 SP2, consoleone 1.3.6 and Zenworks 4.1

What was it?, what did you do?

Cheers

[Tiger Shark]

"last night I didnt get hacked"

I say that every morning after checking the logs..... Makes me feel all warm and fuzzy....

As to the OP.... If you want a challenge try defending systems with something of value in them.... It's far more challenging than attacking the systems of people who are defenseless.... trust me....

[rowdy_yates]

Originally posted here by nihil
Hey!

That is excellent! I was talking to a pal a couple or three weeks ago and he was bemoaning his problems................me, I haven't done any of that Novell stuff since around 3.something...............at least 5 years.

What were the problems..........in plain English again my mate is even thicker than I am

He has 6.5 SP2, consoleone 1.3.6 and Zenworks 4.1

What was it?, what did you do?

Cheers

A lot depends on how and who deploys the product. We have been running Netware 6 with ZEN with XP clients for years on one site. Works like a charm.

What I might add is this. It also depends what you are trying to make the product do. What I mean is, if you are trying to make Netware w/ NDS & ZEN do all the fancy stuff that MS AD can do with WinXP clients - then you might be in for some long nights. You need to accept what the product is and the way it does things.

We have seen some shops trying to get AD fuctionality out of a non-MS product (in some cases Novell products) in the hopes that they will get better stability & security than if they actually deployed the MS product they wanted to in the first place.

What I always say, if your top prioroty is to deploy MS APPS efficiently MS clients - then go with AD and learn how to do it as best as possible.

also, to OP: A properly secured and patched Netware server is much hard to break into than an MS sever in same state. Don't be fooled.

[XTC46]

also, to OP: A properly secured and patched Netware server is much hard to break into than an MS sever in same state. Don't be fooled.

your post was decent until that line. How is it possible for two things to be "properly secured" and then one be easier to break in to. If you "properly secure" a MS box it is no easier to break into than any other os.

[dinowuff]

Nihil:

The best way to describe the problem(s)...

It started with Netscape email users authentication problems. Company had 2000 AD installed and migrated SOME user accounts. So there was a LDAP issue.

Throw into the mix a Home grown ERP type (best way to describe the software) Unix base Application. Users authenticated to the network via Novel, then to Windows. If they needed to use the ERP system. So I guess the best way to describe this issue would be a Trust relationship - except all in the same domain. I really can't explain how screwed up the configuration was. BUT looking back, that was the most secure network I'd ever seen. No one, AND I MEAN NO ONE could access mission critical data! :-)

Other issues: DNS, Oh yea - the 2000 controller (only one) was installed in Native Mode. The previous Novel admin had configured ZenWorks in such a way that only he knew how anything worked. If I remember correctly there were about 12 major configuration issues.

What I did:

Called a Novel Expert! He reconfigured zenworks and removed Consoleone. Patched and re patched the OS and upgraded Novel Clients. (Through out the company he found 9 various versions of the Novel Client software) Makes you wonder if the previous admin knew how to use zenworks.

I migrated users to 2000 domain, and installed exchange. Not my preference for that environment; however, it's what the client wanted. At least it wasn't Netscape mail!

Then after users could actually log onto the LAN and access the file/print servers and their email I Addressed the Unix issue the best I could. HP UNIX btw, which I could not get the client to replace. Which is why, on this project, I refer to myself as

/me = l4m3r for I was not l337

So much was, and still is, wrong with that network that I could only suggest the client start over. I mapped out the project gave them a statement of work, never heard from them again. I did run into a former employee a few months after I left. She said that the new IT manager was hiring college interns to fix the Network and that things got worse by the day about a month after I left. To the point that users had a 50/50 chance of being able to log on in the morning.

[rowdy_yates]

Originally posted here by XTC46
your post was decent until that line. How is it possible for two things to be "properly secured" and then one be easier to break in to. If you "properly secure" a MS box it is no easier to break into than any other os.

I don't know - but I personally think it is. A properly secured Unix based system is more secure than a properly secured NT based system. But it is debatable. :-)

[XTC46]

I don't know - but I personally think it is. A properly secured Unix based system is more secure than a properly secured NT based system. But it is debatable. :-)

if it is properly secure it means that it cant be broken into without an unknown exploit. The lilklyhood of an unknown exploit is the same no matter which os you use. windows one just appear to have more becasue more people look for them.

[|3lack|ce]

I'm just curious after reading through some of the junk posted here... Zenworks... Zero Effort Networking works.... what's there to really know? Has Novell really screwed that up too? (It worked nicely back in the days of netware 5)