----------
Hopefully you guys can help me.
Russell
----------
From: Jeff D. Hayes
To: Russell J. Dwire
Subject: FW: Novell Vulnerabilities
Date: Wednesday, August 28, 1996 8:45PM
If you don't get a good response, I would post your message to
firewalls @
greatcircle .
com .
I can't provide you the details you need.
-jeff
----------
From: owner-demigods
To: demigods
Subject: Novell Vulnerabilities
Date: Wednesday, August 28, 1996 4:06PM
Folks,
I would like to gather any information on (Novell) IPX vulnerabilities.
I
want to identify possible ways an individual can infiltrate (hack) into a
network, it is common knowledge concerning attacks on IP networks.
(spoofing and collecting information through to process of using a
passive
listening deviceS and fragmentation attacks etc.). What about IPX?
--------------
I don't really think spoofing in that sense is a relevent attack because
all Netware connections are authenticated through RSA public/private key.
The only hole in this to my knowledge is that only the client is
authenticated, the server is not. So, certainly for bindery mode
connections you could impersonate a Netware server by doing something as
simple as turning on SAP in Win95 and running a hacked LOGIN.EXE that
caches usernames and passwords and redirects them to a real Netware
server.
I don't know how you'd override the SAP of an existing server, but if the
preferred server is not set then the Netware clients will look for the
nearest server (which could be your Win95 box).
Keith McCammon
keithm @
asymetrix .
com
Network Analyst
Asymetrix Corporation
Follow-Ups:
|
|
