Does anybody know of any I can't seem to find any? :confused:
Printable View
Does anybody know of any I can't seem to find any? :confused:
www.google.com http://www.google.com/search?sourcei...ulnerabilities
Quick check out the 11,200 hits for your question.
There have been some, but it's unlikely they're still present.
Novell has a good security reputation mostly. Its main weaknesses stem from being based on DOS (or Windows) (Neither of which the server actually runs under)
Things to watch out for normally:
- Supervisor accounts running world writable binaries (duuh!)
- Supervisor accounts logging into machines which may have keyloggers, fake login screens etc
- People left logged in (yes it does still happen)
- Supervisor accounts running backup jobs, printing bits etc
- Fake file servers
(A classic attack)
- Creates a file server with the same name as a real one, clients are fooled into connecting to it and revealing at least some information about their password, hence dictionary attacks at least can be done.
- Fake file servers may work better when the real one(s) are down - for instance they might be DOS'd so watch out.
- Macs might have vulnerabilities which expose novell logins
Novell has an advanced filesystem and the Bindery/NDS is a clever and complex directory - these facts make it easy to hide information in them, as not all things are obvious.