
Network Security


NDS Faulted?

The Novell Directory Service (NDS), the foundation on which Novell’s NetWare Network Operating System is built, is claimed to be flawed. The Pandora Project has released details of instances in which, it claims, supposedly secure NetWare communications were transmitted in an insecure fashion.

NMRC's Pandora Project

The Pandora Project comes from an organisation calling itself the Nomad Mobile Research Centre (NMRC). NMRC has published a set of tools for hacking the NetWare 3 Bindery; the Pandora Project is aimed at probing the Novell Directory Service (NDS).

The project has been running for some years now.

Database Cracking Tools

There is a set of brute force tools for cracking passwords once the NDS databases have been accessed. Getting at the databases requires access to the File Server console. (So, keep it under lock and key AND keep the RCONSOLE password secure.)

The tools use exhaustive search (brute force) to test all possible passwords against all the passwords in the database. They encrypt each candidate password with the same algorithm that Novell uses.

Packet Signatures Spoofed

This is the critical claim. If this is true and cannot be fixed then NDS’s security is badly flawed.

Packet signatures are a way of ensuring that a communications session between two systems is not subverted.

NMRC showed that if the Packet Signature levels are not set correctly at the Client and the File Server, hackers can gain access to the network resources by forging packets and using these forged packets to make themselves equivalent to other users - usually Admin.

Packet Spoofing requires connection to the LAN or Intranet which is being hacked. This usually means physical access to the building in which it is housed.

Novell's Response

NMRC and Novell have been in communication about this situation. Novell acknowledges the situation and says that setting Signature Levels to 3 at the File Server and 1 at the Client AND installing Service Pack 5B, released in 1997, prevents the hacks. Service Pack 5B is required before Novell will provide Technical Support and is listed on their Minimum Patch List.
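The signature levels discussed above can be checked from the configuration files themselves. The following is an added example, not code from this page, NMRC or Novell: it reads the server and client levels and reports whether the pair ends up signing packets. The setting names (`SET NCP PACKET SIGNATURE OPTION` on the server, `SIGNATURE LEVEL` in the client's NET.CFG), the meaning of levels 0 to 3, the negotiation rule and the default of 1 are assumptions not stated on this page, and the sample files are constructed.

```python
import re

# Constructed sample config text (not from the original page).
SERVER_NCF = """\
# AUTOEXEC.NCF (constructed sample)
SET NCP PACKET SIGNATURE OPTION = 3
"""
CLIENT_NET_CFG = """\
; NET.CFG (constructed sample)
NetWare DOS Requester
    FIRST NETWORK DRIVE = F
    SIGNATURE LEVEL = 1
"""

DEFAULT_LEVEL = 1  # assumption: level in effect when the setting is absent

SERVER_RE = re.compile(
    r"^\s*SET\s+NCP\s+PACKET\s+SIGNATURE\s+OPTION\s*=\s*([0-3])\s*$", re.I)
CLIENT_RE = re.compile(r"^\s*SIGNATURE\s+LEVEL\s*=\s*([0-3])\s*$", re.I)

def read_level(text, pattern):
    """Return the last matching level in a config file, or the default."""
    level = DEFAULT_LEVEL
    for line in text.splitlines():
        m = pattern.match(line)
        if m:
            level = int(m.group(1))
    return level

def negotiate(server, client):
    """Outcome of signature negotiation for one server/client pair.
    Assumed levels: 0 = never sign, 1 = sign if the peer requires it,
    2 = sign if the peer can, 3 = require signing."""
    if 3 in (server, client) and 0 in (server, client):
        return "no-login"   # one side requires signing, the other refuses
    if server >= 1 and client >= 1 and server + client >= 3:
        return "signed"
    return "unsigned"       # session carries no packet signatures

def audit(server_text, client_text):
    """Parse both files and return (server level, client level, outcome)."""
    s = read_level(server_text, SERVER_RE)
    c = read_level(client_text, CLIENT_RE)
    return s, c, negotiate(s, c)

if __name__ == "__main__":
    print(audit(SERVER_NCF, CLIENT_NET_CFG))  # levels recommended above
    print(audit("", ""))                      # neither file sets a level
```

Under these assumptions, a server and client that both leave the setting untouched negotiate an unsigned session, which is the misconfiguration the spoofing claim depends on.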

Novell Security Information

http://developer.novell.com/research/topical/security.htm How to set up security-aware NetWare servers.

NBS Internet Marketing Web Author: Geoff May. Last Update: 09/09/98
Copyright © 1998 by Network Business Services Pty Ltd.
All Rights Reserved.